Wiki

User Tools

Site Tools

Trace: display_list_of_available_packages
hacking:sql_injection_cheat_sheet_postgresql

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision		Previous revision
hacking:sql_injection_cheat_sheet_postgresql [2020/04/01 11:36] – created peterhacking:sql_injection_cheat_sheet_postgresql [2020/07/15 09:30] (current) – external edit 127.0.0.1
Line 42: Line 42:
 SELECT CAST('1' as int); SELECT CAST('1' as int);
 </code>| </code>|
-|String Concatenation|SELECT 'A' || 'B'; -- returns AB|+|String Concatenation|<nowiki>SELECT 'A' || 'B'; -- returns AB</nowiki>|
 |If Statement|IF statements only seem valid inside functions, so aren't much use for SQL injection. See CASE statement instead.| |If Statement|IF statements only seem valid inside functions, so aren't much use for SQL injection. See CASE statement instead.|
 |Case Statement|SELECT CASE WHEN (1=1) THEN 'A' ELSE 'B' END; -- returns A| |Case Statement|SELECT CASE WHEN (1=1) THEN 'A' ELSE 'B' END; -- returns A|
hacking/sql_injection_cheat_sheet_postgresql.1585740961.txt.gz · Last modified: 2020/07/15 09:30 (external edit)
Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki