Hey! It's OK to see the failure and how the injection occurs, but can you include the solution? And can you include new chapters with a new SQL injection method in every chapter?
Thanks in advance!
Please dockerize this code. Thank you
This is a very good explanation of a SQL injection. If you were to have more than one user, one way to log into a random user would be where both the username and password were inputted as the value
unknown' or '1'='1
then it finds every combination of stored password and user in the system until it finds the first matching one. Also, one nice thing to do would be to provide a way to prevent SQL injections in real cases; this will help everyone here.
Try these, some basic login field injections.
username: 'or' 1=1
password: 'or' 1=1
username: 1' 1=1 --
password: anything
To understand these at a very basic level visit http://sechow.com/bricks/do...