Last active
March 14, 2019 02:32
-
-
Save waderwu/5a7d3dcb61416772ffe933297188aeb0 to your computer and use it in GitHub Desktop.
mysql slq inject fuzz list
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Select | |
| Union | |
| Join | |
| Order | |
| By | |
| Limit | |
| From | |
| Information | |
| Schema | |
| Table | |
| Column | |
| Sleep | |
| Binary | |
| Benchmark | |
| If | |
| Case | |
| And | |
| Or | |
| As | |
| ' | |
| " | |
| ` | |
| , | |
| ( | |
| ) | |
| ! | |
| < | |
| > | |
| = | |
| / | |
| * | |
| # | |
| - | |
| | | |
| & | |
| || | |
| && | |
| - | |
| %20 | |
| %09 | |
| %0A | |
| %0B | |
| %0C | |
| %0D | |
| %A0 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ABS | |
| ACOS | |
| ADDDATE | |
| ADDTIME | |
| AES_DECRYPT | |
| AES_ENCRYPT | |
| AND | |
| && | |
| ANY_VALUE | |
| ASCII | |
| ASIN | |
| = | |
| := | |
| ASYMMETRIC_DECRYPT | |
| ASYMMETRIC_DERIVE | |
| ASYMMETRIC_ENCRYPT | |
| ASYMMETRIC_SIGN | |
| ASYMMETRIC_VERIFY | |
| ATAN | |
| ATAN2 | |
| ATAN | |
| AVG | |
| BENCHMARK | |
| BETWEEN | |
| BIN | |
| BIN_TO_UUID | |
| BINARY | |
| BIT_AND | |
| BIT_COUNT | |
| BIT_LENGTH | |
| BIT_OR | |
| BIT_XOR | |
| & | |
| ~ | |
| | | |
| ^ | |
| CAN_ACCESS_COLUMN | |
| CAN_ACCESS_DATABASE | |
| CAN_ACCESS_TABLE | |
| CAN_ACCESS_VIEW | |
| CASE | |
| CAST | |
| CEIL | |
| CEILING | |
| CHAR | |
| CHAR_LENGTH | |
| CHARACTER_LENGTH | |
| CHARSET | |
| COALESCE | |
| COERCIBILITY | |
| COLLATION | |
| COMPRESS | |
| CONCAT | |
| CONCAT_WS | |
| CONNECTION_ID | |
| CONV | |
| CONVERT | |
| CONVERT_TZ | |
| COS | |
| COT | |
| COUNT | |
| COUNT(DISTINCT | |
| CRC32 | |
| CREATE_ASYMMETRIC_PRIV_KEY | |
| CREATE_ASYMMETRIC_PUB_KEY | |
| CREATE_DH_PARAMETERS | |
| CREATE_DIGEST | |
| CUME_DIST | |
| CURDATE | |
| CURRENT_DATE | |
| CURRENT_DATE | |
| CURRENT_ROLE | |
| CURRENT_TIME | |
| CURRENT_TIME | |
| CURRENT_TIMESTAMP | |
| CURRENT_TIMESTAMP | |
| CURRENT_USER | |
| CURRENT_USER | |
| CURTIME | |
| DATABASE | |
| DATE | |
| DATE_ADD | |
| DATE_FORMAT | |
| DATE_SUB | |
| DATEDIFF | |
| DAY | |
| DAYNAME | |
| DAYOFMONTH | |
| DAYOFWEEK | |
| DAYOFYEAR | |
| DECODE | |
| DEFAULT | |
| DEGREES | |
| DENSE_RANK | |
| DES_DECRYPT | |
| DES_ENCRYPT | |
| DIV | |
| / | |
| ELT | |
| ENCODE | |
| ENCRYPT | |
| = | |
| <=> | |
| EXP | |
| EXPORT_SET | |
| EXTRACT | |
| ExtractValue | |
| FIELD | |
| FIND_IN_SET | |
| FIRST_VALUE | |
| FLOOR | |
| FORMAT | |
| FORMAT_BYTES | |
| FORMAT_PICO_TIME | |
| FOUND_ROWS | |
| FROM_BASE64 | |
| FROM_DAYS | |
| FROM_UNIXTIME | |
| GeomCollection | |
| GeometryCollection | |
| GET_DD_COLUMN_PRIVILEGES | |
| GET_DD_CREATE_OPTIONS | |
| GET_DD_INDEX_SUB_PART_LENGTH | |
| GET_FORMAT | |
| GET_LOCK | |
| > | |
| >= | |
| GREATEST | |
| GROUP_CONCAT | |
| GROUPING | |
| GTID_SUBSET | |
| GTID_SUBTRACT | |
| HEX | |
| HOUR | |
| ICU_VERSION | |
| IF | |
| IFNULL | |
| IN | |
| INET_ATON | |
| INET_NTOA | |
| INET6_ATON | |
| INET6_NTOA | |
| INSERT | |
| INSTR | |
| INTERNAL_AUTO_INCREMENT | |
| INTERNAL_AVG_ROW_LENGTH | |
| INTERNAL_CHECK_TIME | |
| INTERNAL_CHECKSUM | |
| INTERNAL_DATA_FREE | |
| INTERNAL_DATA_LENGTH | |
| INTERNAL_DD_CHAR_LENGTH | |
| INTERNAL_GET_COMMENT_OR_ERROR | |
| INTERNAL_GET_VIEW_WARNING_OR_ERROR | |
| INTERNAL_INDEX_COLUMN_CARDINALITY | |
| INTERNAL_INDEX_LENGTH | |
| INTERNAL_KEYS_DISABLED | |
| INTERNAL_MAX_DATA_LENGTH | |
| INTERNAL_TABLE_ROWS | |
| INTERNAL_UPDATE_TIME | |
| INTERVAL | |
| IS | |
| IS_FREE_LOCK | |
| IS_IPV4 | |
| IS_IPV4_COMPAT | |
| IS_IPV4_MAPPED | |
| IS_IPV6 | |
| IS NOT | |
| IS NOT NULL | |
| IS NULL | |
| IS_USED_LOCK | |
| IS_UUID | |
| ISNULL | |
| JSON_ARRAY | |
| JSON_ARRAY_APPEND | |
| JSON_ARRAY_INSERT | |
| JSON_ARRAYAGG | |
| -> | |
| JSON_CONTAINS | |
| JSON_CONTAINS_PATH | |
| JSON_DEPTH | |
| JSON_EXTRACT | |
| ->> | |
| JSON_INSERT | |
| JSON_KEYS | |
| JSON_LENGTH | |
| JSON_MERGE() (deprecated 8.0.3 | |
| JSON_MERGE_PATCH | |
| JSON_MERGE_PRESERVE | |
| JSON_OBJECT | |
| JSON_OBJECTAGG | |
| JSON_PRETTY | |
| JSON_QUOTE | |
| JSON_REMOVE | |
| JSON_REPLACE | |
| JSON_SEARCH | |
| JSON_SET | |
| JSON_STORAGE_FREE | |
| JSON_STORAGE_SIZE | |
| JSON_TABLE | |
| JSON_TYPE | |
| JSON_UNQUOTE | |
| JSON_VALID | |
| LAG | |
| LAST_DAY | |
| LAST_INSERT_ID | |
| LAST_VALUE | |
| LCASE | |
| LEAD | |
| LEAST | |
| LEFT | |
| << | |
| LENGTH | |
| < | |
| <= | |
| LIKE | |
| LineString | |
| LN | |
| LOAD_FILE | |
| LOCALTIME | |
| LOCALTIME | |
| LOCALTIMESTAMP | |
| LOCALTIMESTAMP | |
| LOCATE | |
| LOG | |
| LOG10 | |
| LOG2 | |
| LOWER | |
| LPAD | |
| LTRIM | |
| MAKE_SET | |
| MAKEDATE | |
| MAKETIME | |
| MASTER_POS_WAIT | |
| MATCH | |
| MAX | |
| MBRContains | |
| MBRCoveredBy | |
| MBRCovers | |
| MBRDisjoint | |
| MBREquals | |
| MBRIntersects | |
| MBROverlaps | |
| MBRTouches | |
| MBRWithin | |
| MD5 | |
| MICROSECOND | |
| MID | |
| MIN | |
| - | |
| MINUTE | |
| MOD | |
| % | |
| MOD | |
| MONTH | |
| MONTHNAME | |
| MultiLineString | |
| MultiPoint | |
| MultiPolygon | |
| NAME_CONST | |
| NOT | |
| ! | |
| != | |
| <> | |
| NOW | |
| NTH_VALUE | |
| NTILE | |
| NULLIF | |
| OCT | |
| OCTET_LENGTH | |
| || | |
| OR | |
| ORD | |
| PASSWORD | |
| PERCENT_RANK | |
| PERIOD_ADD | |
| PERIOD_DIFF | |
| PI | |
| + | |
| Point | |
| Polygon | |
| POSITION | |
| POW | |
| POWER | |
| PS_CURRENT_THREAD_ID | |
| PS_THREAD_ID | |
| QUARTER | |
| QUOTE | |
| RADIANS | |
| RAND | |
| RANDOM_BYTES | |
| RANK | |
| REGEXP | |
| REGEXP_INSTR | |
| REGEXP_LIKE | |
| REGEXP_REPLACE | |
| REGEXP_SUBSTR | |
| RELEASE_ALL_LOCKS | |
| RELEASE_LOCK | |
| REPEAT | |
| REPLACE | |
| REVERSE | |
| RIGHT | |
| >> | |
| RLIKE | |
| ROLES_GRAPHML | |
| ROUND | |
| ROW_COUNT | |
| ROW_NUMBER | |
| RPAD | |
| RTRIM | |
| SCHEMA | |
| SEC_TO_TIME | |
| SECOND | |
| SESSION_USER | |
| SHA1 | |
| SHA | |
| SHA2 | |
| SIGN | |
| SIN | |
| SLEEP | |
| SOUNDEX | |
| SOUNDS LIKE | |
| SPACE | |
| SQRT | |
| ST_Area | |
| ST_AsBinary | |
| ST_AsWKB | |
| ST_AsGeoJSON | |
| ST_AsText | |
| ST_AsWKT | |
| ST_Buffer | |
| ST_Buffer_Strategy | |
| ST_Centroid | |
| ST_Contains | |
| ST_ConvexHull | |
| ST_Crosses | |
| ST_Difference | |
| ST_Dimension | |
| ST_Disjoint | |
| ST_Distance | |
| ST_Distance_Sphere | |
| ST_EndPoint | |
| ST_Envelope | |
| ST_Equals | |
| ST_ExteriorRing | |
| ST_GeoHash | |
| ST_GeomCollFromText | |
| ST_GeometryCollectionFromText | |
| ST_GeomCollFromTxt | |
| ST_GeomCollFromWKB | |
| ST_GeometryCollectionFromWKB | |
| ST_GeometryN | |
| ST_GeometryType | |
| ST_GeomFromGeoJSON | |
| ST_GeomFromText | |
| ST_GeometryFromText | |
| ST_GeomFromWKB | |
| ST_GeometryFromWKB | |
| ST_InteriorRingN | |
| ST_Intersection | |
| ST_Intersects | |
| ST_IsClosed | |
| ST_IsEmpty | |
| ST_IsSimple | |
| ST_IsValid | |
| ST_LatFromGeoHash | |
| ST_Latitude | |
| ST_Length | |
| ST_LineFromText | |
| ST_LineStringFromText | |
| ST_LineFromWKB | |
| ST_LineStringFromWKB | |
| ST_LongFromGeoHash | |
| ST_Longitude | |
| ST_MakeEnvelope | |
| ST_MLineFromText | |
| ST_MultiLineStringFromText | |
| ST_MLineFromWKB | |
| ST_MultiLineStringFromWKB | |
| ST_MPointFromText | |
| ST_MultiPointFromText | |
| ST_MPointFromWKB | |
| ST_MultiPointFromWKB | |
| ST_MPolyFromText | |
| ST_MultiPolygonFromText | |
| ST_MPolyFromWKB | |
| ST_MultiPolygonFromWKB | |
| ST_NumGeometries | |
| ST_NumInteriorRing | |
| ST_NumInteriorRings | |
| ST_NumPoints | |
| ST_Overlaps | |
| ST_PointFromGeoHash | |
| ST_PointFromText | |
| ST_PointFromWKB | |
| ST_PointN | |
| ST_PolyFromText | |
| ST_PolygonFromText | |
| ST_PolyFromWKB | |
| ST_PolygonFromWKB | |
| ST_Simplify | |
| ST_SRID | |
| ST_StartPoint | |
| ST_SwapXY | |
| ST_SymDifference | |
| ST_Touches | |
| ST_Transform | |
| ST_Union | |
| ST_Validate | |
| ST_Within | |
| ST_X | |
| ST_Y | |
| STATEMENT_DIGEST | |
| STATEMENT_DIGEST_TEXT | |
| STD | |
| STDDEV | |
| STDDEV_POP | |
| STDDEV_SAMP | |
| STR_TO_DATE | |
| STRCMP | |
| SUBDATE | |
| SUBSTR | |
| SUBSTRING | |
| SUBSTRING_INDEX | |
| SUBTIME | |
| SUM | |
| SYSDATE | |
| SYSTEM_USER | |
| TAN | |
| TIME | |
| TIME_FORMAT | |
| TIME_TO_SEC | |
| TIMEDIFF | |
| * | |
| TIMESTAMP | |
| TIMESTAMPADD | |
| TIMESTAMPDIFF | |
| TO_BASE64 | |
| TO_DAYS | |
| TO_SECONDS | |
| TRIM | |
| TRUNCATE | |
| UCASE | |
| - | |
| UNCOMPRESS | |
| UNCOMPRESSED_LENGTH | |
| UNHEX | |
| UNIX_TIMESTAMP | |
| UpdateXML | |
| UPPER | |
| USER | |
| UTC_DATE | |
| UTC_TIME | |
| UTC_TIMESTAMP | |
| UUID | |
| UUID_SHORT | |
| UUID_TO_BIN | |
| VALIDATE_PASSWORD_STRENGTH | |
| VALUES | |
| VAR_POP | |
| VAR_SAMP | |
| VARIANCE | |
| VERSION | |
| WAIT_FOR_EXECUTED_GTID_SET | |
| WAIT_UNTIL_SQL_THREAD_AFTER_GTIDS | |
| WEEK | |
| WEEKDAY | |
| WEEKOFYEAR | |
| WEIGHT_STRING | |
| XOR | |
| YEAR | |
| YEARWEEK |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ACCESSIBLE | |
| ADD | |
| ALL | |
| ALTER | |
| ANALYZE | |
| AND | |
| AS | |
| ASC | |
| ASENSITIVE | |
| BEFORE | |
| BETWEEN | |
| BIGINT | |
| BINARY | |
| BLOB | |
| BOTH | |
| BY | |
| CALL | |
| CASCADE | |
| CASE | |
| CHANGE | |
| CHAR | |
| CHARACTER | |
| CHECK | |
| COLLATE | |
| COLUMN | |
| CONDITION | |
| CONSTRAINT | |
| CONTINUE | |
| CONVERT | |
| CREATE | |
| CROSS | |
| CUBE | |
| CUME_DIST | |
| CURRENT_DATE | |
| CURRENT_TIME | |
| CURRENT_TIMESTAMP | |
| CURRENT_USER | |
| CURSOR | |
| DATABASE | |
| DATABASES | |
| DAY_HOUR | |
| DAY_MICROSECOND | |
| DAY_MINUTE | |
| DAY_SECOND | |
| DEC | |
| DECIMAL | |
| DECLARE | |
| DEFAULT | |
| DELAYED | |
| DELETE | |
| DENSE_RANK | |
| DESC | |
| DESCRIBE | |
| DETERMINISTIC | |
| DISTINCT | |
| DISTINCTROW | |
| DIV | |
| DOUBLE | |
| DROP | |
| DUAL | |
| EACH | |
| ELSE | |
| ELSEIF | |
| EMPTY | |
| ENCLOSED | |
| ESCAPED | |
| EXCEPT | |
| EXISTS | |
| EXIT | |
| EXPLAIN | |
| FALSE | |
| FETCH | |
| FIRST_VALUE | |
| FLOAT | |
| FLOAT4 | |
| FLOAT8 | |
| FOR | |
| FORCE | |
| FOREIGN | |
| FROM | |
| FULLTEXT | |
| FUNCTION | |
| GENERATED | |
| GET | |
| GRANT | |
| GROUP | |
| GROUPING | |
| GROUPS | |
| HAVING | |
| HIGH_PRIORITY | |
| HOUR_MICROSECOND | |
| HOUR_MINUTE | |
| HOUR_SECOND | |
| IF | |
| IGNORE | |
| IN | |
| INDEX | |
| INFILE | |
| INNER | |
| INOUT | |
| INSENSITIVE | |
| INSERT | |
| INT | |
| INT1 | |
| INT2 | |
| INT3 | |
| INT4 | |
| INT8 | |
| INTEGER | |
| INTERVAL | |
| INTO | |
| IO_AFTER_GTIDS | |
| IO_BEFORE_GTIDS | |
| IS | |
| ITERATE | |
| JOIN | |
| JSON_TABLE | |
| KEY | |
| KEYS | |
| KILL | |
| LAG | |
| LAST_VALUE | |
| LATERAL | |
| LEAD | |
| LEADING | |
| LEAVE | |
| LEFT | |
| LIKE | |
| LIMIT | |
| LINEAR | |
| LINES | |
| LOAD | |
| LOCALTIME | |
| LOCALTIMESTAMP | |
| LOCK | |
| LONG | |
| LONGBLOB | |
| LONGTEXT | |
| LOOP | |
| LOW_PRIORITY | |
| MASTER_BIND | |
| MASTER_SSL_VERIFY_SERVER_CERT | |
| MATCH | |
| MAXVALUE | |
| MEDIUMBLOB | |
| MEDIUMINT | |
| MEDIUMTEXT | |
| MIDDLEINT | |
| MINUTE_MICROSECOND | |
| MINUTE_SECOND | |
| MOD | |
| MODIFIES | |
| NATURAL | |
| NOT | |
| NO_WRITE_TO_BINLOG | |
| NTH_VALUE | |
| NTILE | |
| NULL | |
| NUMERIC | |
| OF | |
| ON | |
| OPTIMIZE | |
| OPTIMIZER_COSTS | |
| OPTION | |
| OPTIONALLY | |
| OR | |
| ORDER | |
| OUT | |
| OUTER | |
| OUTFILE | |
| OVER | |
| PARTITION | |
| PERCENT_RANK | |
| PRECISION | |
| PRIMARY | |
| PROCEDURE | |
| PURGE | |
| RANGE | |
| RANK | |
| READ | |
| READS | |
| READ_WRITE | |
| REAL | |
| RECURSIVE | |
| REFERENCES | |
| REGEXP | |
| RELEASE | |
| RENAME | |
| REPEAT | |
| REPLACE | |
| REQUIRE | |
| RESIGNAL | |
| RESTRICT | |
| RETURN | |
| REVOKE | |
| RIGHT | |
| RLIKE | |
| ROW | |
| ROWS | |
| ROW_NUMBER | |
| SCHEMA | |
| SCHEMAS | |
| SECOND_MICROSECOND | |
| SELECT | |
| SENSITIVE | |
| SEPARATOR | |
| SET | |
| SHOW | |
| SIGNAL | |
| SMALLINT | |
| SPATIAL | |
| SPECIFIC | |
| SQL | |
| SQLEXCEPTION | |
| SQLSTATE | |
| SQLWARNING | |
| SQL_BIG_RESULT | |
| SQL_CALC_FOUND_ROWS | |
| SQL_SMALL_RESULT | |
| SSL | |
| STARTING | |
| STORED | |
| STRAIGHT_JOIN | |
| SYSTEM | |
| TABLE | |
| TERMINATED | |
| THEN | |
| TINYBLOB | |
| TINYINT | |
| TINYTEXT | |
| TO | |
| TRAILING | |
| TRIGGER | |
| TRUE | |
| UNDO | |
| UNION | |
| UNIQUE | |
| UNLOCK | |
| UNSIGNED | |
| UPDATE | |
| USAGE | |
| USE | |
| USING | |
| UTC_DATE | |
| UTC_TIME | |
| UTC_TIMESTAMP | |
| VALUES | |
| VARBINARY | |
| VARCHAR | |
| VARCHARACTER | |
| VARYING | |
| VIRTUAL | |
| WHEN | |
| WHERE | |
| WHILE | |
| WINDOW | |
| WITH | |
| WRITE | |
| XOR | |
| YEAR_MONTH | |
| ZEROFILL | |
| CUME_DIST | |
| DENSE_RANK | |
| EMPTY | |
| EXCEPT | |
| FIRST_VALUE | |
| GROUPING | |
| GROUPS | |
| JSON_TABLE | |
| LAG | |
| LAST_VALUE | |
| LATERAL | |
| LEAD | |
| NTH_VALUE | |
| NTILE | |
| OF | |
| OVER | |
| PERCENT_RANK | |
| RANK | |
| RECURSIVE | |
| ROW_NUMBER | |
| SYSTEM | |
| WINDOW |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Ascii | |
| Bin | |
| Bit_length | |
| Char | |
| Char_length | |
| Character_length | |
| Concat | |
| Concat_ws | |
| Elt | |
| Export_set | |
| Field | |
| Find_in_set | |
| Format | |
| From_base64 | |
| Hex | |
| Insert | |
| Instr | |
| Lcase | |
| Left | |
| Length | |
| Like | |
| Load_file | |
| Locate | |
| Lower | |
| Lpad | |
| Ltrim | |
| Make_set | |
| Match | |
| Mid | |
| Not Like | |
| Not Regexp | |
| Oct | |
| Octet_length | |
| Ord | |
| Position | |
| Quote | |
| Regexp | |
| Regexp_instr | |
| Regexp_like | |
| Regexp_replace | |
| Regexp_substr | |
| Repeat | |
| Replace | |
| Reverse | |
| Right | |
| Rlike | |
| Rpad | |
| Rtrim | |
| Soundex | |
| Sounds Like | |
| Space | |
| Strcmp | |
| Substr | |
| Substring | |
| Substring_index | |
| To_base64 | |
| Trim | |
| Ucase | |
| Unhex | |
| Upper | |
| Weight_string |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment