Table 3 Different forms of injection code with their common patterns
S/N | Injection type | Common pattern | Example |
|---|---|---|---|
1 | Boolean-based | ’ OR ‘…’ = | > | > =| < | < =|<>|! = ‘…’;# | ‘ OR ‘1’ = ‘1’;# 123’ OR ‘a’ <> ‘b’ ;# ‘ OR ‘2 + 3’ < = ‘10’ ;# |
2 | Union-based | ‘ union select … from …;# | ‘ union select * from users; # ‘ union select name from a;# |
3 | Error-Based | ’…convert ( |avg( | round(... | 111’ convert(int, ‘abcd’) A’ avg(‘&%$#@*’) |
4 | Batch query | ‘; drop | delete | insert | truncate | update | select…;# | aaa’ ; delete * from users; # ‘ ; drop table users; # |
5 | Like-based | ’OR … LIKE ‘…%’;# | ‘ OR username LIKE ‘S%’# |
6 | XSS | <script> …’…;</script> | <script>alert(‘Xss’);</script> |