Jayson Cabagua

Reputation: 1

SQL Injection doesn't seem to work

I'm trying to learn more about SQL Injection. I created some code that is vulnerable to SQL Injection to see how it works, but when I try to input some code, it doesn't seem to work. It only refreshes the page. Here's the code:

        $query = "Select * from users where UserName = ''OR DROP table 'users'"/*$name' AND UserPassword = '$pw'""*/;

        $result = mysql_query($query);

        while($row = mysql_fetch_array($result))
        {
            $id = $row['UserId'];
            $tempName = $row['UserName'];
            $tempPassword = $row['UserPassword'];
        }

        if($name == $tempName && $pw == $tempPassword)
        {

            session_Start();
            $_SESSION["id"] = $id;
            header("Location: adminhome.php");
            exit;
        }
        else
        {

        }
    }
    if(isset($_POST['btnDestroy']))
    {
        session_unset();   // takes no arguments; clears all session variables
        session_destroy(); // takes no arguments; destroys the session data
    }
?>

Here is the list of my SQL Injection attempts:

1' OR '1'='1' LIMIT 0,1;#

'or drop table 'users

Username: '- Password: '

Username: '-0||' Password: 1

Upvotes: 0

Views: 310

Answers (1)

Juan Carlos Oropeza

Reputation: 48197

The problem is we don't know how you are building your query.

For example, if you are using

$query = "Select * from users where UserName = '".UserName.
                             "' AND Password = '".Password."'";

Then you set your variable UserName to

UserName = "' OR 1=1; DROP TABLE table 'users'; //"
           ^^                                 ^^^^   
          close string and create valid OR 
                                             close statement and use // to comment the rest

Upvotes: 2
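
The concatenated login query from the answer beside a parameterized version, as an added example that is not part of the original question or answer. It assumes PDO with an in-memory SQLite database and a constructed `users` row so that it runs offline; the function names `buildConcatenatedQuery` and `findUser` are hypothetical.

```php
<?php
// Added example. Constructed in-memory table; column names follow the question.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE users (UserId INTEGER PRIMARY KEY, UserName TEXT, UserPassword TEXT)');
// Plaintext password only to mirror the question's schema;
// real code stores password_hash() output and checks it with password_verify().
$pdo->exec("INSERT INTO users (UserName, UserPassword) VALUES ('admin', 'constructed-sample-password')");

// Vulnerable pattern discussed on the page: input is spliced into the SQL text,
// so any quote character in it becomes part of the statement's syntax.
// This function only builds the string so the effect can be inspected.
function buildConcatenatedQuery(string $name, string $pw): string
{
    return "SELECT * FROM users WHERE UserName = '" . $name
         . "' AND UserPassword = '" . $pw . "'";
}

// Hardened form: the SQL text is fixed and the values are bound separately,
// so the driver never parses user input as SQL.
function findUser(PDO $pdo, string $name, string $pw): ?array
{
    $stmt = $pdo->prepare(
        'SELECT UserId, UserName FROM users
          WHERE UserName = :name AND UserPassword = :pw'
    );
    $stmt->execute([':name' => $name, ':pw' => $pw]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// First attempt listed in the question, used here as test input.
$attempt = "1' OR '1'='1' LIMIT 0,1;#";

// Shows how the input rewrites the WHERE clause when concatenated.
echo buildConcatenatedQuery($attempt, 'x'), PHP_EOL;

// Bound as a parameter, the same input is compared as one literal user name,
// which matches no row.
var_dump(findUser($pdo, $attempt, 'x'));

// A legitimate login still works.
var_dump(findUser($pdo, 'admin', 'constructed-sample-password'));
```

The same `prepare()`/`execute()` calls apply with a MySQL DSN; only the `new PDO(...)` line changes.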
