SQL Injection

Detecting SQL Injection

• Submitting the single quote character ' and looking for errors or other anomalies.

• Submitting some SQL-specific syntax that evaluates to the base (original) value of the entry point, and to a different value, and looking for systematic differences in the resulting application responses.

• Submitting Boolean conditions such as OR 1=1 and OR 1=2, and looking for differences in the application's responses.

• Submitting payloads designed to trigger time delays when executed within a SQL query, and looking for differences in the time taken to respond.

• Submitting OAST payloads designed to trigger an out-of-band network interaction when executed within a SQL query, and monitoring for any resulting interactions.

References When Hunting SQLi

PortSwigger SQL Injection Cheat Sheet

NetSPI SQL Injection Wiki