This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "SQL Injection Cookbook template"
From OWASP
Line 1: | Line 1: | ||
__TOC__ | __TOC__ | ||
− | = | + | =Database objects= |
==Tables== | ==Tables== | ||
===List of table names=== | ===List of table names=== | ||
+ | ===Create a table=== | ||
===List of columns for a specific table=== | ===List of columns for a specific table=== | ||
===Information about the indexes of a specific table=== | ===Information about the indexes of a specific table=== | ||
+ | ===Create a index=== | ||
==Stored Procedures== | ==Stored Procedures== | ||
− | ===List of stored procedures=== | + | ===List of stored procedures or functions=== |
− | ===Parameters for stored | + | ===Parameters for a stored procedure or function=== |
− | ===Source code of stored | + | ===Source code of a stored procedure or function=== |
− | ==System data== | + | ===Create a stored procedure or function=== |
+ | |||
+ | =System data= | ||
+ | ==Users== | ||
===List of database users=== | ===List of database users=== | ||
===Database user permissions=== | ===Database user permissions=== | ||
− | ===Database server settings=== | + | ===Create a new user=== |
+ | ===Change a user password=== | ||
+ | ==Database server settings== | ||
+ | ==Host Operating System== | ||
===Operating System version=== | ===Operating System version=== | ||
===OS environment variables=== | ===OS environment variables=== | ||
+ | ====Execute OS shell commands==== | ||
− | = | + | =Queries= |
==Data type casting== | ==Data type casting== | ||
==String-based queries with no quote characters== | ==String-based queries with no quote characters== | ||
+ | |||
+ | =Attacks= | ||
==SQL tautology attacks== | ==SQL tautology attacks== | ||
+ | |||
+ | =Creating content= | ||
+ | ==Create a new table== | ||
+ | ==Create an index== | ||
+ | ==Create a new user== |