2

I'm writing a tool to exploit SQL Injections. I'm trying to add support to SQLite now and I'm facing a problem: if I need to insert a string but quotes are escaped in Mysql I can use 0x65..., or in Postgres CHR(65)||.... But in SQLite I can't find any way of doing this without using quotes.

Can anyone help me?

Thanks in advance

Improve this question

2 Answers 2

Reset to default
2

I don't believe there's a general solution. You may be able to assemble your string using parlor tricks if it contains the right characters. E.g., substr(quote(hex(0)),1,1) will return "'", upper(substr(typeof(cast(0 as text)),3,1)) will return "X", etc. I doubt you can get the whole alphabet this way, but it might be enough for whatever injection you're planning.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

I don't know of an equivalent, however you can check the documentation to see if there is anything you can use:

http://www.sqlite.org/lang_corefunc.html

http://www.sqlite.org/lang_aggfunc.html

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.