Microsoft SQL Server Introduction
This section provides a comprehensive collection of SQL injection techniques specific to Microsoft SQL Server (MSSQL) databases. The techniques are organized into the following categories:
Basics
Fundamental concepts and techniques for MSSQL injection:
- Default Databases - Understanding and targeting SQL Server’s default databases
- Comment Out Query - Using SQL Server comment syntax to modify queries
- Testing Version - Methods to determine the SQL Server version
Information Gathering
Techniques to extract information from MSSQL databases:
- Database Names - Retrieving available database names
- Server Hostname - Obtaining the SQL Server hostname
- Tables and Columns - Discovering table and column names
- Database Credentials - Techniques to extract SQL Server credentials
Injection Techniques
Advanced methods for exploiting MSSQL injection vulnerabilities:
- Avoiding Quotations - Bypassing quote filters in SQL Server
- String Concatenation - Techniques to concatenate strings in MSSQL
- Conditional Statements - Using IIF, CASE, and other conditional expressions
- Stacked Queries - Executing multiple statements in one injection
- Timing - Time-based blind injection methods
- Fuzzing/Obfuscation - Techniques to bypass WAFs and filters
Advanced Techniques
Sophisticated attacks for extracting data and gaining system access:
- System Command Execution - Using xp_cmdshell to run OS commands
- OPENROWSET Attacks - Leveraging OPENROWSET for remote connections
- Password Hashing - Understanding and exploiting SQL Server password storage
- Password Cracking - Techniques to recover passwords from hashes
- SP_PASSWORD Parameter - Using sp_password to hide queries from logs