SQL Injection Example
In this article I will demonstrate how easy it is to break the admin password in a poorly scripted web application and get all tests for your school or college :)
First of all, we need to find a vulnerable target (more info at http://unixwiz.net/techtips/sql-injection.html).
Now let's assume that the Administrator's username is Administrator.
In the password field we enter:
x' OR 'x'='x
What we have done here is SQL query manipulation: instead of just entering a password, we added another always-true statement (1=1, x=x, etc.) with an OR condition.
That made the query's condition true, and the doors are opened.
Note that this can be prevented by numerous PHP functions such as htmlentities, preg_replace, mysql_real_escape_string, htmlspecialchars, etc.
Filtered input would probably result in "xORxx" which I doubt is the correct password :)
This vulnerability is reported to the administrator.