DB2 SQL Injection Cheat Sheet

Nytro · November 10, 2009

Version

select versionnumber, version_timestamp from sysibm.sysversions;

Comments

select blah from foo; -- comment like this

Current User

select user from sysibm.sysdummy1;

select session_user from sysibm.sysdummy1;

select system_user from sysibm.sysdummy1;

List Users

N/A (I think DB2 uses OS-level user accounts for authentication.)

Database authorities (like roles, I think) can be listed like this:

select grantee from syscat.dbauth;

List Password Hashes

N/A (I think DB2 uses OS-level user accounts for authentication.)

List Privileges

select * from syscat.tabauth; -- privs on tables

select * from syscat.dbauth where grantee = current user;

select * from syscat.tabauth where grantee = current user;

Current Database

select current server from sysibm.sysdummy1;

List Databases

SELECT schemaname FROM syscat.schemata;

List Columns

select name, tbname, coltype from sysibm.syscolumns;

List Tables

select name from sysibm.systables;

Select Nth Row

select name from (SELECT name FROM sysibm.systables order by

name fetch first N+M-1 rows only) sq order by name desc fetch first N rows only;

Select Nth Char

SELECT SUBSTR('abc',2,1) FROM sysibm.sysdummy1; -- returns b

ASCII Value -> Char

select chr(65) from sysibm.sysdummy1; -- returns 'A'

Char -> ASCII Value

select ascii('A') from sysibm.sysdummy1; -- returns 65

Casting

SELECT cast('123' as integer) FROM sysibm.sysdummy1;

SELECT cast(1 as char) FROM sysibm.sysdummy1;

String Concatenation

SELECT 'a' concat 'b' concat 'c' FROM sysibm.sysdummy1; -- returns 'abc'

select 'a' || 'b' from sysibm.sysdummy1; -- returns 'ab'

Sign In

DB2 SQL Injection Cheat Sheet

Recommended Posts

Nytro

Join the conversation

Browse

Activity

Pages