SQL Inventory

List of all SQL mentioned in the code..

ValueCountFile:Line
"SELECT table_schema, table_name, create_time
                FROM information_schema.tables
                WHERE table_schema='{$_DVWA['db_database']}' AND table_name='users'
                LIMIT 1"
1
  • /login.php
'UPDATE users SET failed_login = (failed_login + 1) WHERE user = (:user) LIMIT 1;'
1
  • /vulnerabilities/brute/source/impossible.php
'
                INSERT INTO `' $this->config['table'] . '` (
                    type,
                    data,
                    created,
                    modified
                )
                VALUES (
                    :type,
                    :data,
                    now(),
                    now()
                )
            '
1
  • /external/phpids/0.6/lib/IDS/Caching/Database.php
'SELECT * FROM ' $handle->quote($this->config['table']) . ' where type=?'
1
  • /external/phpids/0.6/lib/IDS/Caching/Database.php
'SELECT created FROM `' $handle->quote($this->config['table']) . '`'
1
  • /external/phpids/0.6/lib/IDS/Caching/Database.php
"select *something* from the menu"
1
  • /external/phpids/0.6/tests/IDS/MonitorTest.php
'SELECT LOAD_FILE(0x633A5C626F6F742E696E69)'
1
  • /external/phpids/0.6/tests/IDS/MonitorTest.php
'SELECT CHAR(0x66)'
1
  • /external/phpids/0.6/tests/IDS/MonitorTest.php
' SELECT IF(1=1,\'true\',\'false\')'
1
  • /external/phpids/0.6/tests/IDS/MonitorTest.php
'SELECT /*!32302 1/0, */ 1 FROM tablename'
1
  • /external/phpids/0.6/tests/IDS/MonitorTest.php
"delete alert(1)"
1
  • /external/phpids/0.6/tests/IDS/MonitorTest.php
'INSERT INTO guestbook ( comment, name ) VALUES ( :message, :name );'
1
  • /vulnerabilities/xss_s/source/impossible.php
'UPDATE users SET last_login = now() WHERE user = (:user) LIMIT 1;'
1
  • /vulnerabilities/brute/source/impossible.php
'
                INSERT INTO ' $this->table ' (
                    name,
                    value,
                    page,
                    ip,
                    impact,
                    origin,
                    created
                )
                VALUES (
                    :name,
                    :value,
                    :page,
                    :ip,
                    :impact,
                    :origin,
                    now()
                )
            '
1
  • /external/phpids/0.6/lib/IDS/Log/Database.php
'UPDATE users SET failed_login = "0" WHERE user = (:user) LIMIT 1;'
1
  • /vulnerabilities/brute/source/impossible.php
'SELECT * FROM users WHERE user = (:user) AND password = (:password) LIMIT 1;'
1
  • /vulnerabilities/brute/source/impossible.php
'SELECT failed_login, last_login FROM users WHERE user = (:user) LIMIT 1;'
1
  • /vulnerabilities/brute/source/impossible.php
"SELECT name, comment FROM guestbook"
1
  • /dvwa/includes/dvwaPage.inc.php
"INSERT INTO users VALUES
    ('1','admin','admin','admin',MD5('password'),'{$baseUrl}admin.jpg'),
    ('2','Gordon','Brown','gordonb',MD5('abc123'),'{$baseUrl}gordonb.jpg'),
    ('3','Hack','Me','1337',MD5('charley'),'{$baseUrl}1337.jpg'),
    ('4','Pablo','Picasso','pablo',MD5('letmein'),'{$baseUrl}pablo.jpg'),
    ('5','bob','smith','smithy',MD5('password'),'{$baseUrl}smithy.jpg');"
1
  • /dvwa/includes/DBMS/PGSQL.php
"INSERT INTO guestbook (comment, name) VALUES('This is a test comment.','admin')"
1
  • /dvwa/includes/DBMS/PGSQL.php
"INSERT INTO users VALUES
    ('1','admin','admin','admin',MD5('password'),'{$avatarUrl}admin.jpg', NOW(), '0'),
    ('2','Gordon','Brown','gordonb',MD5('abc123'),'{$avatarUrl}gordonb.jpg', NOW(), '0'),
    ('3','Hack','Me','1337',MD5('charley'),'{$avatarUrl}1337.jpg', NOW(), '0'),
    ('4','Pablo','Picasso','pablo',MD5('letmein'),'{$avatarUrl}pablo.jpg', NOW(), '0'),
    ('5','Bob','Smith','smithy',MD5('password'),'{$avatarUrl}smithy.jpg', NOW(), '0');"
1
  • /dvwa/includes/DBMS/MySQL.php
"INSERT INTO guestbook VALUES ('1','This is a test comment.','test');"
1
  • /dvwa/includes/DBMS/MySQL.php
"UPDATE `users` SET password = '$pass_new' WHERE user = '" dvwaCurrentUser( ) . "' LIMIT 1;"
1
  • /vulnerabilities/captcha/source/high.php
'SELECT password FROM users WHERE user = (:user) AND password = (:password) LIMIT 1;'
2
  • /vulnerabilities/captcha/source/impossible.php
  • /vulnerabilities/csrf/source/impossible.php
"SELECT first_name, last_name FROM users WHERE user_id = '$id' LIMIT 1;"
2
  • /vulnerabilities/sqli/source/high.php
  • /vulnerabilities/sqli_blind/source/high.php
'UPDATE users SET password = (:password) WHERE user = (:user);'
2
  • /vulnerabilities/captcha/source/impossible.php
  • /vulnerabilities/csrf/source/impossible.php
"SELECT COUNT(*) FROM users;"
2
  • /vulnerabilities/sqli/source/medium.php
  • /vulnerabilities/sqli_blind/index.php
"SELECT first_name, last_name FROM users WHERE user_id = $id;"
2
  • /vulnerabilities/sqli/source/medium.php
  • /vulnerabilities/sqli_blind/source/medium.php
"SELECT first_name, last_name FROM users WHERE user_id = '$id';"
2
  • /vulnerabilities/sqli/source/low.php
  • /vulnerabilities/sqli_blind/source/low.php
'SELECT first_name, last_name FROM users WHERE user_id = (:id) LIMIT 1;'
2
  • /vulnerabilities/sqli/source/impossible.php
  • /vulnerabilities/sqli_blind/source/impossible.php
"SELECT * FROM `users` WHERE user='$user' AND password='$pass';"
2
  • /login.php
  • /vulnerabilities/csrf/test_credentials.php
"SELECT * FROM `users` WHERE user = '$user' AND password = '$pass';"
3
  • /vulnerabilities/brute/source/high.php
  • /vulnerabilities/brute/source/low.php
  • /vulnerabilities/brute/source/medium.php
"INSERT INTO guestbook ( comment, name ) VALUES ( '$message', '$name' );"
3
  • /vulnerabilities/xss_s/source/high.php
  • /vulnerabilities/xss_s/source/low.php
  • /vulnerabilities/xss_s/source/medium.php
"UPDATE `users` SET password = '$pass_new' WHERE user = '" dvwaCurrentUser( ) . "';"
5
  • /vulnerabilities/captcha/source/low.php
  • /vulnerabilities/captcha/source/medium.php
  • /vulnerabilities/csrf/source/high.php
  • /vulnerabilities/csrf/source/low.php
  • /vulnerabilities/csrf/source/medium.php