Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Feature request]: Safe SQLi wordlist #1011

Open
AndreaFiocchi opened this issue Apr 18, 2024 · 2 comments
Open

[Feature request]: Safe SQLi wordlist #1011

AndreaFiocchi opened this issue Apr 18, 2024 · 2 comments
Labels
enhancement Enhancement

Comments

@AndreaFiocchi
Copy link

Feature Request:
Create a wordlist for safe SQL Injection fuzzing that doesn't contain dangerous parameters

Additional context:
Logical operators like ' OR 1=1 can be dangerous if successfully injected on a DELETE or UPDATE query.
@AndreaFiocchi AndreaFiocchi added the enhancement Enhancement label Apr 18, 2024
@molangning
Copy link
Contributor

Some example queries would be helpful, like DELETE %inject%

@AndreaFiocchi
Copy link
Author

AndreaFiocchi commented Apr 19, 2024
edited

UPDATE users SET email = "new@ema.il" WHERE id = %inject%
Injecting OR 1=1 hits every record in the table

Now, this is a fringe case and bad example as id is very unlikely controllable by user input but it gets the point.
Injecting logical operators can result in damage if said operator controls which record(s) the query is hitting.

Another example is commenting out the rest of the query.
In the previous example if email is injectable something like x" -- can unintentionally wreck havoc
UPDATE users SET email = "x" -- " WHERE id = 1

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement Enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@AndreaFiocchi @molangning