Mirrors/PayloadsAllTheThings
2
0
Fork 0
mirror of https://github.com/swisskyrepo/PayloadsAllTheThings.git synced 2024-11-10 07:04:22 +00:00
Code Issues Projects Releases Packages Wiki Activity

Merge pull request #721 from MarkCyber/master

Browse source 
DBMS Identification Via Error
This commit is contained in:
Swissky 2024-06-02 11:23:13 +02:00 committed by GitHub
commit cb69cecd11
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 15 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

15
SQL Injection/README.md
View file

@ -134,6 +134,21 @@ Detection of an SQL injection entry point
["'i'='i'", "MSACCESS,SQLITE,POSTGRESQL,ORACLE,MSSQL,MYSQL"],
```
## DBMS Identification VIA Error
DBMS | Example Error Message | Example Payload |
|---------------------|------------------------------------------------------------------------------------------|-----------------|
| MySQL | `You have an error in your SQL syntax; ... near '' at line 1` | `'` |
| PostgreSQL | `ERROR: unterminated quoted string at or near "'"` | `'` |
| PostgreSQL | `ERROR: syntax error at or near "1"` | `1'` |
| Microsoft SQL Server| `Unclosed quotation mark after the character string ''.` | `'` |
| Microsoft SQL Server| `Incorrect syntax near ''.` | `'` |
| Microsoft SQL Server| `The conversion of the varchar value to data type int resulted in an out-of-range value.`| `1'` |
| Oracle | `ORA-00933: SQL command not properly ended` | `'` |
| Oracle | `ORA-01756: quoted string not properly terminated` | `'` |
| Oracle | `ORA-00923: FROM keyword not found where expected` | `1'` |
------------------------------------------------------------------------------------------------------------------------------------
## SQL injection using SQLmap