danielmiessler / SecLists

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
https://www.owasp.org/index.php/OWASP_Internet_of_Things_Project
MIT License

[Feature request]: Safe SQLi wordlist #1011

Open AndreaFiocchi opened 6 months ago

AndreaFiocchi commented 6 months ago

Feature Request: Create a wordlist for safe SQL Injection fuzzing that doesn't contain dangerous parameters

Additional context: Logical operators like ' OR 1=1 can be dangerous if successfully injected on a DELETE or UPDATE query.

molangning commented 6 months ago

Some example queries would be helpful, like DELETE %inject%

AndreaFiocchi commented 6 months ago

```sql
UPDATE users SET email = "new@ema.il" WHERE id = %inject%
```

Injecting `OR 1=1` hits every record in the table.

Now, this is a fringe case and a bad example, as `id` is very unlikely to be controllable by user input, but it gets the point across. Injecting logical operators can result in damage if said operator controls which record(s) the query is hitting.

Another example is commenting out the rest of the query. In the previous example, if `email` is injectable, something like `x" --` can unintentionally wreak havoc:

```sql
UPDATE users SET email = "x" -- " WHERE id = 1
```
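As an added illustration of the screening this request implies (this is not code from the issue or from the SecLists repository), the following Python filter partitions a candidate wordlist into entries that only probe for an injection point and entries that could widen the matched row set or truncate the rest of a mutating query, exactly the two hazards described above. The rule set and the constructed sample wordlist are assumptions for the example, not SecLists content.

```python
import re

# Rule 1: an OR clause followed by a comparison can widen a WHERE clause so that an
# UPDATE/DELETE touches rows it was never meant to. AND can only narrow the set, so
# it is deliberately not flagged here.
OR_TAUTOLOGY = re.compile(r"\bor\b\s+\S+\s*(=|<>|!=|<|>|\blike\b)", re.IGNORECASE)

# Rule 2: a comment marker can cut off everything after the injection point,
# including the WHERE clause of the surrounding statement.
COMMENT_MARKER = re.compile(r"(--|#|/\*)")


def classify(payload: str) -> tuple[str, list[str]]:
    """Return ("safe" | "unsafe", reasons) for one wordlist entry."""
    reasons = []
    if OR_TAUTOLOGY.search(payload):
        reasons.append("OR condition can widen the rows an UPDATE/DELETE matches")
    if COMMENT_MARKER.search(payload):
        reasons.append("comment marker can truncate the rest of the query")
    return ("unsafe" if reasons else "safe", reasons)


def split_wordlist(lines: list[str]) -> tuple[list[str], list[str]]:
    """Partition wordlist lines into (safe, unsafe); blank lines are dropped."""
    safe, unsafe = [], []
    for raw in lines:
        payload = raw.rstrip("\n")
        if not payload.strip():
            continue
        verdict, _ = classify(payload)
        (safe if verdict == "safe" else unsafe).append(payload)
    return safe, unsafe


# Constructed sample wordlist (assumption for this example): the two payloads
# from the discussion above, a lone quote that only triggers a syntax error,
# and a plain value that is not an injection attempt at all.
SAMPLE_WORDLIST = [
    "'",
    "' OR 1=1",
    'x" -- ',
    "new@ema.il",
]

if __name__ == "__main__":
    safe, unsafe = split_wordlist(SAMPLE_WORDLIST)
    for entry in unsafe:
        print(f"UNSAFE {entry!r}: {'; '.join(classify(entry)[1])}")
    for entry in safe:
        print(f"safe   {entry!r}")
```

Running the block over a real wordlist (one entry per line) produces the "safe" subset the request asks for; anything flagged unsafe is the material to keep out of a fuzzing list that may land in UPDATE or DELETE statements.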