Looking for examples of SQL injection with more information. – Digitalmunition




Home Forums Looking for examples of SQL injection with more information.

This topic contains 1 reply, has 2 voices, and was last updated by  VOIDPCB 2 months ago.

  • Author
    Posts
  • #228819

    anonymous
    Participant

    So I have a class about programming and security and the way we are evaluated is we have to make possible exam questions about the topics we learned that week. We have to look for articles and make a question, multiple choice answers and the reason why an answer is wrong/correct.

    Last class we learned about SQL injection and I thought I would make the question like “what SQL injection technique was used in this attack?”. But every article I found doesn’t talk about the technique used they say “stole information using SQL injection” but nothing more…

    So I don’t know what questions I can make from that… Would appreciate the help.

  • #228820

    VOIDPCB

    [Here](https://hackaday.com/?s=SQL+injection) are a few SQL injection examples.

  • #228821

    Mahsunon

    For example the website accesses its database with
    ” SELECT product_name FROM table1 ”
    The product name is supplied through user input.
    You could inject
    ” ‘ UNION SELECT pw from table2 ## ”
    What this does is it would make the product name blank and join another table and finally comment out the rest of the remaining SQL string cuz u dont need it.
    This is super super simplified

You must be logged in to reply to this topic.