TestSQLInjection

RPC Configuration

Rpc Name:

Plain: TestSQLInjection
Sha1: da2264b73de61a470ef28d794c2c5495f6b5b6c8

Rpc Call

RPCs can be called by their plain name or their SHA1 representation.

Rpc Parameters:

"injection" : string,
"extraction" : ?string = null 

Parameter Description

A Method that exposes some SQL Functionality to test injections and extractions with.
@param string injection Example for a working exploit: 'Hallo'); DROP TABLE testTabelle; #

@param string extraction To allow the user to make a maximum of stupid attacks, this datatype is

set to string on purpose, even tough it makes no sense!
@return void

true

Requires Context:

Context

The context providing parameter can either be a contagt-id (8-Bytes, Alphaumeric) or an integer as a building id. The context parameter name should make the choice obviouse, the type has not to be defined manually.

false

Requires WriteAccess:

WriteAccess

Only accounts that have an explicit write access to the defined context can execute this RPC, no matter if the authentication level matches or not.

false

Requires AuthenticationLevel:

Context

Authentication levels allow the SuperUser to define a by-RPC granular access configuration. If RPCs are chained in a single unified call and lenient is enabled, all allowed RPCs will be executed, while execution will fail entirely with lenient set to false.

SUPERUSER

Requires Subbuilding Merge Strategy:

REPLACE

Cache Configuration

Response Cache

All writing RPCs are not Cacheable, also Caching will be disabled by the paramters nocache and readonly.

Cache enabled:

true

Cache Time to Live:

Sample Request

->

[]

RPC Configuration​

Rpc Name:​

Rpc Parameters:​

Requires Login:​

Requires Context:​

Requires WriteAccess:​

Requires AuthenticationLevel:​

Requires Subbuilding Merge Strategy:​

Cache Configuration​

Cache enabled:​

Cache Time to Live:​

Sample Request​