SQL injection

https://portswigger.net/web-security/sql-injection

db cheatsheet: https://portswigger.net/web-security/sql-injection/cheat-sheet

oracle:

On Oracle databases, every SELECT statement must specify a table to select FROM. If your UNION SELECT attack does not query from a table, you will still need to include the FROM keyword followed by a valid table name.

There is a built-in table on Oracle called dual which you can use for this purpose. For example: UNION SELECT 'abc' FROM dual

Previousfile transfer between two machines NextGoogle Dorking

Last updated 1 year ago