This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit

Difference between revisions of "SQL Injection Cookbook template"

Jump to: navigation, search
Line 23: Line 23:
===Operating System version===
===Operating System version===
===OS environment variables===
===OS environment variables===
====Execute OS shell commands====
===Execute OS shell commands===
Line 31: Line 31:
==SQL tautology attacks==
==SQL tautology attacks==
=Creating content=
==Create a new table==
==Create an index==
==Create a new user==

Revision as of 19:35, 13 January 2007

Database objects


List of table names

Create a table

List of columns for a specific table

Information about the indexes of a specific table

Create a index

Stored Procedures

List of stored procedures or functions

Parameters for a stored procedure or function

Source code of a stored procedure or function

Create a stored procedure or function

System data


List of database users

Database user permissions

Create a new user

Change a user password

Database server settings

Host Operating System

Operating System version

OS environment variables

Execute OS shell commands


Data type casting

String-based queries with no quote characters


SQL tautology attacks