Difference between revisions of "SQL Injection Cookbook template"

Jump to: navigation, search
Line 29: Line 29:
==Valid string delimiters==
==Query comments==
==Query command delimiters==
==Data type casting==
==Data type casting==
==String-based queries with no quote characters==
==String-based queries with no quote characters==

Revision as of 14:08, 13 January 2007

Database objects


List of table names

Create a table

List of columns for a specific table

View table permissions

Change table permissions

Stored Procedures

List of stored procedures or functions

Parameters for a stored procedure or function

Source code of a stored procedure or function

Create a stored procedure or function

System data


List of database users

List of database administrators

Database user permissions

Create a new user

Change a user password


View database server settings

Change database server settings

Host Operating System

Operating System version

OS environment variables

Execute OS shell commands


Valid string delimiters

Query comments

Query command delimiters

Data type casting

String-based queries with no quote characters