Injection Techniques

Below are a couple techniques to aid you in exploiting various SQL injections.

Conditional Statements

Conditional statements are beneficial for creating complex queries and aiding in Blind Injection.

Injection Placement

SQL injection is always a hassle when it isn't apparent where the injection is taking place. It is helpful to have a few ways to exploit injections in various parts of the query.

Injection Obfuscation

Obfuscating queries aids in bypassing Web Application Firewalls (WAFs) and Intrusion Detection/Prevention Systems (IDS/IPS). Below are examples of basic query obfuscations, they may require modification before being applied to certain injections.

© 2019 Copyright by NetSPI. All rights reserved.