4 - Other Injection Operators

- Try AND operator `&&` - Send command executes if first is successful ![[images/Pasted image 20260104192848.png]] - Try OR operator `||` - Second command only executes if first is unsuccessful ![[images/Pasted image 20260104192914.png]] - Miscellaneous operators |**Injection Type**|**Operators**| |---|---| |SQL Injection|`'` `,` `;` `--` `/* */`| |Command Injection|`;` `&&`| |LDAP Injection|`*` `(` `)` `&` `\|`| |XPath Injection|`'` `or` `and` `not` `substring` `concat` `count`| |OS Command Injection|`;` `&` `\|`| |Code Injection|`'` `;` `--` `/* */` `$()` `${}` `#{}` `%{}` `^`| |Directory Traversal/File Path Traversal|`../` `..\\` `%00`| |Object Injection|`;` `&` `\|`| |XQuery Injection|`'` `;` `--` `/* */`| |Shellcode Injection|`\x` `\u` `%u` `%n`| |Header Injection|`\n` `\r\n` `\t` `%0d` `%0a` `%09`|