SQL Injection Cookbook - MSSQL

=Database objects=

Create a stored procedure or function

=System data=

File uploads

=Queries=

Set operators
Set operators are used to combine the results from two different queries. The number of columns and order of column types must be identical for both queries. The general syntax is:

SELECT fname, lname FROM employees SET_OPERATOR SELECT fname, lname FROM customers

Query output to file

=Attacks=

SQL Tautologies
A tautology is something that is inherently true. SQL tautologies are used when you want to force a query to return all results, basically ignoring any WHERE conditionals. Simple tautologies like " OR 1=1" are useful, but may be filtered out by some security tools. The table below offers a number of tautologies that filter writers (even on well-known commercial tools) may not have considered.
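Because pattern filters can miss tautology variants, the dependable fix is to keep user input out of the SQL text altogether. The following is an added example, not part of the original cookbook: it runs the same lookup once with string concatenation and once with a bound parameter, using the simple " OR 1=1" tautology from the paragraph above. Assumptions: SQLite stands in for MSSQL so the code runs offline, and the table contents and function names are constructed for illustration.

```python
import sqlite3

# Tautology probe built from the simple " OR 1=1" form mentioned in the text.
TAUTOLOGY_PROBE = "x' OR 1=1 --"

def make_db():
    """In-memory table with constructed sample rows (SQLite standing in for MSSQL)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE employees (fname TEXT, lname TEXT, dept TEXT)")
    db.executemany(
        "INSERT INTO employees VALUES (?, ?, ?)",
        [("Ada", "Nguyen", "eng"), ("Bo", "Okafor", "eng"),
         ("Cy", "Larsen", "hr"), ("Di", "O'Brien", "ops")],
    )
    return db

def lookup_concatenated(db, lname):
    """Vulnerable form: the input becomes part of the SQL text itself."""
    sql = "SELECT fname, lname FROM employees WHERE lname = '" + lname + "'"
    return db.execute(sql).fetchall()

def lookup_parameterized(db, lname):
    """Hardened form: the input is bound as data and never parsed as SQL."""
    sql = "SELECT fname, lname FROM employees WHERE lname = ?"
    return db.execute(sql, (lname,)).fetchall()

def where_clause_enforced(lookup):
    """Regression check: a tautology probe must match no rows at all."""
    return lookup(make_db(), TAUTOLOGY_PROBE) == []

if __name__ == "__main__":
    db = make_db()
    # Concatenated: WHERE collapses to "lname = 'x' OR 1=1", so every row returns.
    print("concatenated :", lookup_concatenated(db, TAUTOLOGY_PROBE))
    # Parameterized: the probe is compared as a literal last name, so no rows.
    print("parameterized:", lookup_parameterized(db, TAUTOLOGY_PROBE))
    # Legitimate input containing a quote still works when bound as a parameter.
    print("O'Brien      :", lookup_parameterized(db, "O'Brien"))
    for fn in (lookup_concatenated, lookup_parameterized):
        print(fn.__name__, "enforces WHERE:", where_clause_enforced(fn))
```

On MSSQL the equivalent of the bound form is a parameterized command from the client library or sp_executesql with declared parameters, rather than dynamic SQL assembled by concatenation.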

=Data exfiltration=

General network

=Platform specific=