Difference between revisions of "SQL Injection Cookbook template"

From OWASP
Jump to: navigation, search
Line 23: Line 23:
 
===Operating System version===
 
===Operating System version===
 
===OS environment variables===
 
===OS environment variables===
====Execute OS shell commands====
+
===Execute OS shell commands===
  
 
=Queries=
 
=Queries=
Line 31: Line 31:
 
=Attacks=
 
=Attacks=
 
==SQL tautology attacks==
 
==SQL tautology attacks==
 
=Creating content=
 
==Create a new table==
 
==Create an index==
 
==Create a new user==
 

Revision as of 14:35, 13 January 2007

Database objects

Tables

List of table names

Create a table

List of columns for a specific table

Information about the indexes of a specific table

Create a index

Stored Procedures

List of stored procedures or functions

Parameters for a stored procedure or function

Source code of a stored procedure or function

Create a stored procedure or function

System data

Users

List of database users

Database user permissions

Create a new user

Change a user password

Database server settings

Host Operating System

Operating System version

OS environment variables

Execute OS shell commands

Queries

Data type casting

String-based queries with no quote characters

Attacks

SQL tautology attacks