|
Here is a classic example of a vulnerable statement (assume this
is built dynamically in the language of your choice):
SELECT USER_NAME FROM PASSWORDS
WHERE USER_NAME = '<user_name_var>' AND PASSWORD = '<password_var>'
If someone learns a valid user name, they can enter it and
comment escape characters as the user name and anything as the
password and get a result. Assuming "--" means a comment (it does
for Oracle), they could enter "gooduser' --" as the user name and
"haha" as the password which would result in this SQL statement:
SELECT USER_NAME FROM PASSWORDS
WHERE USER_NAME = 'good_user' --' AND PASSWORD = 'haha'
Everything after "--" is ignored so they just bypassed the password check.
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.