This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

SQL Injection Cookbook template

From OWASP

Revision as of 19:04, 13 January 2007 by [email protected] (talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Jump to: navigation, search

1 Reconnaissance
2 Query attacks & tricks

Reconnaissance

Meta-data

Data about data

List of table names

How to get a list of table names

List of columns for a specific table

Information about the indexes of a specific table

Stored Procedures

List of stored procedures

Parameters for stored procedures

Source code of stored procedures

System data

List of database users

Database user permissions

Database server settings

Operating System version

OS environment variables

Query attacks & tricks

Data type casting

String-based queries with no quote characters

SQL tautology attacks

Retrieved from "https://wiki.owasp.org/index.php?title=SQL_Injection_Cookbook_template&oldid=15307"