Difference between revisions of "SQL Injection Cookbook template"
From OWASP
| Line 1: | Line 1: | ||
__TOC__ | __TOC__ | ||
| − | = | + | =Database objects= |
==Tables== | ==Tables== | ||
===List of table names=== | ===List of table names=== | ||
| + | ===Create a table=== | ||
===List of columns for a specific table=== | ===List of columns for a specific table=== | ||
===Information about the indexes of a specific table=== | ===Information about the indexes of a specific table=== | ||
| + | ===Create a index=== | ||
==Stored Procedures== | ==Stored Procedures== | ||
| − | ===List of stored procedures=== | + | ===List of stored procedures or functions=== |
| − | ===Parameters for stored | + | ===Parameters for a stored procedure or function=== |
| − | ===Source code of stored | + | ===Source code of a stored procedure or function=== |
| − | ==System data== | + | ===Create a stored procedure or function=== |
| + | |||
| + | =System data= | ||
| + | ==Users== | ||
===List of database users=== | ===List of database users=== | ||
===Database user permissions=== | ===Database user permissions=== | ||
| − | ===Database server settings=== | + | ===Create a new user=== |
| + | ===Change a user password=== | ||
| + | ==Database server settings== | ||
| + | ==Host Operating System== | ||
===Operating System version=== | ===Operating System version=== | ||
===OS environment variables=== | ===OS environment variables=== | ||
| + | ====Execute OS shell commands==== | ||
| − | = | + | =Queries= |
==Data type casting== | ==Data type casting== | ||
==String-based queries with no quote characters== | ==String-based queries with no quote characters== | ||
| + | |||
| + | =Attacks= | ||
==SQL tautology attacks== | ==SQL tautology attacks== | ||
| + | |||
| + | =Creating content= | ||
| + | ==Create a new table== | ||
| + | ==Create an index== | ||
| + | ==Create a new user== | ||
