SQL Injection Attack through form input
Question
Hi I want to show sql injection vulnerability through form input using PHP and MYSQL. Any suggestion how to go about.
Thanks
2 answers
solution1
0 2015-10-06 02:24:00
You can use Kali Linux to hack into the php website. Here is a tutorial on how to do that.
solution2
0 ACCPTED 2015-10-06 02:35:21
mysql_query("INSERT INTO `table` (`column`) VALUES ('$inject_variable')");
If you have query like this you can insert something like value'); DROP TABLE table;-- value'); DROP TABLE table;-- to the $inject_variable to test the injection.
Hence, your SQL query will became this:
INSERT INTO `table` (`column`) VALUES('value'); DROP TABLE table;--')
This will allow other users to drop the table.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.
Related Question
Sql Injection Attack Insight
SQL injection Attack
SQL injection attack with php
need help on sql injection attack
Prevent SQL injection attack in PHP
SQL PHP injection attack in Drupal 6
Is it possible to perform a SQL injection attack on this code?
Issue about XSS Attack and SQL Injection
How to prevent URL blind sql injection attack
whether sql query secured from googlebots attack(google sql injection)
Related Tags