Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Feature request]: Safe SQLi wordlist #1011

Open
AndreaFiocchi opened this issue Apr 18, 2024 · 2 comments
Open

[Feature request]: Safe SQLi wordlist #1011

AndreaFiocchi opened this issue Apr 18, 2024 · 2 comments

Comments

@AndreaFiocchi
Copy link

Feature Request:
Create a wordlist for safe SQL Injection fuzzing that doesn't contain dangerous parameters

Additional context:
Logical operators like ' OR 1=1 can be dangerous if successfully injected on a DELETE or UPDATE query.

@AndreaFiocchi AndreaFiocchi added the enhancement Enhancement label Apr 18, 2024
@molangning
Copy link
Contributor

Some example queries would be helpful, like DELETE %inject%

@AndreaFiocchi
Copy link
Author

AndreaFiocchi commented Apr 19, 2024

UPDATE users SET email = "[email protected]" WHERE id = %inject%
Injecting OR 1=1 hits every record in the table

Now, this is a fringe case and bad example as id is very unlikely controllable by user input but it gets the point.
Injecting logical operators can result in damage if said operator controls which record(s) the query is hitting.

Another example is commenting out the rest of the query.
In the previous example if email is injectable something like x" -- can unintentionally wreck havoc
UPDATE users SET email = "x" -- " WHERE id = 1

@g0tmi1k g0tmi1k added help wanted and removed enhancement Enhancement labels Aug 12, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

3 participants