Reputation: 189
I have a project for a course where I connect to a local server localhost:8080/website.php
and execute SQL Injection. The server has an Account ID Number and Password field. When submitted the ID and Password values are input into the SQL statement: SELECT * FROM accounts WHERE id = (ID value) AND password = '(password value)'
How would I exploit this and perform SQL Injection?
I have tried a few things listed below.
' or 1=1 --
became SELECT * FROM accounts WHERE id = 12345 AND password = '' or 1=1 --'
opens an account, but it's always the same account. How do I access a different account?
'; INSERT INTO accounts(id,password) values('12345','abc');--
became SELECT * FROM accounts WHERE id = 12345 AND password = ''; INSERT INTO accounts(id,password) values('12345','abc');--'
This gives an SQL error.
How do I log into any account without knowing an ID? The ' or 1=1 --
logs into the same account no matter what I put for the ID. Also, how do I create my own account in the database?
Upvotes: 0
Views: 1743
Reputation: 1382
You can send a value that invalidates the WHERE clause and makes the result always true. This will give you access to the system without knowing the password.
'or 1=1 --
Mike, after I run your statement in SQL I got this.
Upvotes: 1
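The following is an added example, not code from the question or the answer above, that reproduces the query shape from the question against an in-memory SQLite database with two constructed accounts. It shows why the `' or 1=1 --` input always returns the same account (the `AND` binds tighter than the `OR`, so every row matches and the application sees the first row in table order, whatever ID was entered) and how the same lookup behaves once the values are passed as bound parameters instead of being pasted into the SQL text. Table name, column names and the sample account values are assumptions for the demonstration.

```python
import sqlite3

# Constructed sample data (assumed, not from the original post): two accounts.
SAMPLE_ACCOUNTS = [(12345, "s3cret"), (67890, "hunter2")]

# The password value from the question, used here only to show the effect.
PAYLOAD = "' or 1=1 --"


def make_db():
    """Create an in-memory accounts table populated with the constructed rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE accounts (id INTEGER PRIMARY KEY, password TEXT)")
    conn.executemany("INSERT INTO accounts(id, password) VALUES (?, ?)", SAMPLE_ACCOUNTS)
    return conn


def vulnerable_lookup(conn, id_value, password_value):
    """Mirror the query from the question: id unquoted, password single-quoted,
    both spliced straight into the SQL string. With PAYLOAD the WHERE clause
    becomes (id = X AND password = '') OR 1=1, which is true for every row,
    so fetchone() hands back the first row in table order regardless of X."""
    sql = f"SELECT * FROM accounts WHERE id = {id_value} AND password = '{password_value}'"
    return conn.execute(sql).fetchone()


def safe_lookup(conn, id_value, password_value):
    """Hardened form: placeholders. The driver sends the values separately from
    the SQL text, so the quote and the comment marker inside the password are
    compared as data and never parsed as SQL. The id is also coerced to int,
    which rejects anything that is not a numeric account number."""
    sql = "SELECT * FROM accounts WHERE id = ? AND password = ?"
    return conn.execute(sql, (int(id_value), password_value)).fetchone()


def demo():
    """Run both lookups with the injected password and with a real one."""
    conn = make_db()
    return {
        # Same row comes back for any id: this is the "always the same account" effect.
        "vulnerable": vulnerable_lookup(conn, "12345", PAYLOAD),
        "vulnerable_other_id": vulnerable_lookup(conn, "99999", PAYLOAD),
        # Parameterised query: the payload is just a wrong password, no row.
        "safe": safe_lookup(conn, "12345", PAYLOAD),
        # Parameterised query with the correct credentials still works.
        "safe_correct": safe_lookup(conn, "12345", "s3cret"),
    }


if __name__ == "__main__":
    for name, row in demo().items():
        print(f"{name}: {row}")
```

The first-row behaviour is the detection hint for a defender: a login that succeeds for a clearly malformed password, or that keeps landing on the same account for different IDs, is the signature of string-built SQL. The fix is the `safe_lookup` shape (bound parameters) in whatever driver the server uses; in PHP that is a prepared statement via PDO or mysqli rather than string concatenation.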