Consider a user authenticating to an application with "admin" as a username and "xDK9&GoP1" as a password.

During application login, the following SQL statement executes against the database server:

```sql
SELECT name FROM user WHERE name='admin' AND passwd='xDK9&GoP1'
```

This query executes against the database and authenticates the user because the credentials are valid.

Now consider an attacker attempting to authenticate to an application using the "password' OR 'a'='a" password value as the injection payload.

During application login, the following SQL statement executes against the database server:

```sql
SELECT name FROM user WHERE name='admin' AND passwd='password' OR 'a'='a'
```

Upon execution of this query, an attacker successfully authenticates to an application since 'a'='a' always returns true, resulting in authentication bypass. Because AND binds more tightly than OR, the condition is evaluated as (name='admin' AND passwd='password') OR 'a'='a', which is true for every row regardless of the password supplied.

With a successful attack, an attacker can gain:

- Unauthorized access to an application. An attacker can successfully bypass an application's authentication mechanism to have illegitimate access to it.
- An attack could lead to a complete data leakage from the database server.
- An attacker can delete records from the database server.
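The two login queries described above, shown as an added example that is not code from the original page: a login check that builds the SQL by string concatenation next to the same check using a parameterized query. The function names, the in-memory SQLite database and the table contents are assumptions constructed for illustration.

```python
import sqlite3

def make_db():
    """In-memory database with one constructed account (values from the article)."""
    db = sqlite3.connect(":memory:")
    # Plaintext passwd column only mirrors the article's query (constructed table).
    db.execute("CREATE TABLE user (name TEXT PRIMARY KEY, passwd TEXT)")
    db.execute("INSERT INTO user VALUES (?, ?)", ("admin", "xDK9&GoP1"))
    return db

def build_vulnerable_query(name, passwd):
    # Vulnerable: input is spliced into the SQL text, so a quote in the input
    # closes the string literal and the remainder is parsed as SQL.
    return ("SELECT name FROM user WHERE name='" + name +
            "' AND passwd='" + passwd + "'")

def login_vulnerable(db, name, passwd):
    return db.execute(build_vulnerable_query(name, passwd)).fetchone() is not None

def login_parameterized(db, name, passwd):
    # Hardened: placeholders bind the input as data; it is never parsed as SQL.
    row = db.execute("SELECT name FROM user WHERE name=? AND passwd=?",
                     (name, passwd)).fetchone()
    return row is not None

if __name__ == "__main__":
    db = make_db()
    payload = "password' OR 'a'='a"  # password value quoted in the article
    print(build_vulnerable_query("admin", payload))
    for check in (login_vulnerable, login_parameterized):
        print(check.__name__,
              "valid password:", check(db, "admin", "xDK9&GoP1"),
              "| payload:", check(db, "admin", payload))
```

With the parameterized version, the payload is compared as a literal password string and the login is rejected, while the valid password still authenticates.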