info/big-list-of-naughty-strings
1
0
Fork 0
mirror of https://github.com/minimaxir/big-list-of-naughty-strings.git synced 2025-09-03 10:53:01 +02:00
Code Issues Releases Wiki Activity

Added tSQL-specific injection string

Browse Source 
Leverages built in sproc to drop all tables, instead of guessing a table name;
This commit is contained in:
Travis Manning
2020-05-14 08:59:56 -04:00
committed by GitHub
parent ff8b1b2105
commit a9bae33a08
1 changed files with 2 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
blns.txt
View File

@@ -586,6 +586,7 @@ http://a/%%30%30
1'; DROP TABLE users-- 1
' OR 1=1 -- 1
' OR '1'='1
'; EXEC sp_MSForEachTable 'DROP TABLE ?'; --
%
_
@@ -729,4 +730,4 @@ Powerلُلُصّبُلُلصّبُررً ॣ ॣh ॣ ॣ冗
#
# This is a four characters string which includes Persian special characters (گچپژ)
گچپژ
گچپژ