select cast (2000 as type of quint) from rdb$database select cast (2000 as int) from rdb$database. If TYPE OF is used with a (VAR)CHAR type, its character.
Free Online Games on Fukgames.com Play Free Games,Free online games, Free Games, Play Free Online Games at FukGames.com For Free, Addicting Free Games.
(3) - Card Games (50) - Card Solitaire (15) - Cards (107) - Care (95) - Caring (39) - Cars (33) - Cartoon (1) - Casino (34) - Castle (103) - Cat (330) - Cats (2) - Celebrity (5) - Chain Reaction (1) - Chain-reaction (1) - Challenge (8) - Challenging (1) - Chasing Game (61) - Checkers (3) - Chef (1) - Chess (9)...
На сайте искали: 999999.9+unio n+all+sel ect+0x393133353134353632312e39,0x393133353134353632322e39,0x393133353134353632332e39,0x393133353134353632342e39,0x393133353134353632352e39,0x393133353134353632362e39...
999999.9' union all select 999,2 and '0'='0 где купить в аптеках, Поиск и заказ лекарств в аптеках Санкт-Петербурга и Ленинградской области онлайн ...
but they are not recognized as attacks by glastopf. It should be useful, I think, to parse 'UNION ALL' string as SQL injection. I'm currently very busy and I don't have the time to study and modify the code, so don't blame me if I only notify here about the issue without contribute
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand. Not a member of Pastebin yet?
Справочник по функциям CAST и CONVERT Transact-SQL. Эти функции преобразуют выражения из одного типа данных в другой.
2f**%2fsElEcT+%2f**%2fcOnCaT(char(33,126,33),count(t.%2f**%2ftAbLe_nAmE),char(33,126,33))+%2f
They are combining 126, 39, database name as hex value, 39, and 126. -- is a mysql comment - it ignores the rest of your query after.