Looking for examples of SQL injection with more information. – Digitalmunition

Home Forums Looking for examples of SQL injection with more information.

This topic contains 1 reply, has 2 voices, and was last updated by  VOIDPCB 9 months, 3 weeks ago.

  • Author
  • #228819


    So I have a class about programming and security and the way we are evaluated is we have to make possible exam questions about the topics we learned that week. We have to look for articles and make a question, multiple choice answers and the reason why an answer is wrong/correct.

    Last class we learned about SQL injection and I thought I would make the question like “what SQL injection technique was used in this attack?”. But every article I found doesn’t talk about the technique used they say “stole information using SQL injection” but nothing more…

    So I don’t know what questions I can make from that… Would appreciate the help.

  • #228820


    [Here](https://hackaday.com/?s=SQL+injection) are a few SQL injection examples.

  • #228821


    For example the website accesses its database with
    ” SELECT product_name FROM table1 ”
    The product name is supplied through user input.
    You could inject
    ” ‘ UNION SELECT pw from table2 ## ”
    What this does is it would make the product name blank and join another table and finally comment out the rest of the remaining SQL string cuz u dont need it.
    This is super super simplified

You must be logged in to reply to this topic.