stackoom
  简体   繁体   中英

What're the purposes of these special characters in SQL injection?

 原文  2015-11-16 20:24:24       sql/ sql-injection

Question

$sel1 = mysql_query ("SELECT ID, name, locale, lastlogin, gender,
    FROM USERS_TABLE
    WHERE (name = '$user' OR email = '$user') AND pass = '$pass'");

$chk = mysql_fetch_array($sel1);

if (found one record)
then {allow the user to login}`

The question is that try to login with username admin');#", then you will find that you logged in as the user admin! Question asks what each special character purpose in sql injection. , ) ; # "

Thanks!

1 answers

solution1
 0 ACCPTED  2015-11-16 20:34:53

This value:

admin');#

would terminate the SQL statement after the string "admin" and treat everything after as a comment. So this:

SELECT ID, name, locale, lastlogin, gender,
FROM USERS_TABLE
WHERE (name = '$user' OR email = '$user') AND pass = '$pass'

essentially becomes this:

SELECT ID, name, locale, lastlogin, gender,
FROM USERS_TABLE
WHERE (name = 'admin')

A record is found and the system happily continues on its way, having logged the user in as 'admin' because the query successfully found that record.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question sql injection for educational purposes Inserting special characters into SQL Server 2008 RE How to escape special characters like " in the SQL query in order to avoid Injection What are the characters that need to be escaped in Oracle SQL to avoid SQL Injection? Special characters in password causing internal server error "SQL Injection attack detected via libinjection" Special Characters - Sql SQL LIKE with special characters Removing special characters in sql Issue with special characters in SQL special characters in sql text
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM