SQL Injection Example

In this article I will demonstrate how easy it is to break the admin password in a poorly scripted web application and get all the tests for your school or college.

First of all, we need to find a vulnerable target (more info at http://unixwiz.net/techtips/sql-injection.html).



Now let's assume that the administrator's username is Administrator.
In the password field we enter x' OR 'x'='x

What we have done here is SQL query manipulation: instead of just entering a password, we added another condition that is always true (1=1, x=x, etc.), joined with OR.
That made the whole query evaluate as true, and the doors are opened.



Note that this can be prevented by numerous PHP functions such as htmlentities, preg_replace, mysql_real_escape_string, htmlspecialchars, etc.

Filtered input would probably result in "xORxx", which I doubt is the correct password.



This vulnerability is reported to the administrator.
©2009-2011 Webarto • web design & development • Tuzla // Sarajevo // Beograd