999999.9 /**/union/**/all /**/select /**/cast...
select cast (2000 as type of quint) from rdb$database select cast (2000 as int) from rdb$database. If TYPE OF is used with a (VAR)CHAR type, its character.
999999.9 //union//all //select //cast(0x393133353134353632312e39...)
select cast (2000 as type of quint) from rdb$database select cast (2000 as int) from rdb$database.
Шпаргалка по SQL инъекциям | DefconRU
Синтаксис: 0xHEX_ЧИСЛО (SM): SELECT CHAR(0x66) (S) SELECT 0x5045 (это не число, а строка) (M) SELECT 0x50 + 0x45 (теперь это
999999.9 //union//all //**/union/**/all/**/select/**/null, null, null...
999999.9 union all select 0x31303235343830303536-- на YouTube: Поиск реализован с помощью YandexXML и Google Custom Search API.
javascript - Convert a string to an integer? - Stack Overflow
One way is to parse it and the other way is to change its type to a Number. All of the tricks in the other answers (e.g. unary plus) involve implicitly coercing the type of the string to a number. You can also do the same thing explicitly with the Number function.
SQL Инъекции | Page 718 | ANTICHAT - Security online community
...(select+%28select+concat%280x7e%2C0x27%2Cunhex%28Hex%28cast%28database()+as+char)
PayloadsAllTheThings/SQL Injection at master...
A list of useful payloads and bypass for Web Application Security and Pentest/CTF - swisskyrepo/PayloadsAllTheThings.
Проблема с utf8, теряются кириллические буквы... / Sql.ru | Форум
...MySQL / Делаю так (SQL код выполняется из под SQL редактора Zend Studio):USE db_foo; SET NAMES 'utf8'; DROP TABLE IF EXISTS `T_TEST`; CREATE TABLE `T_TEST` ( `name` char(64) NOT NULL ) ENGINE
SQL injection bypass cheatsheet – All things in moderation
Generally, these rules cover common attacks such as cross-site scripting (XSS) and SQL injection. SQL Injection Bypass WAF Techniques.
Исправляем поврежденные MySQL-таблицы с myisamchk... / Хабр
undef error - DBD::mysql::db selectrow_array failed: Table 'attach_data' is marked as crashed and should be repaired [for Statement "SELECT LENGTH(thedata)