A3:2021 | SQL Injection Mitigation (10) | Cycubix Docs

Input validation alone is not enough!!

The last attempt, which checked that the query did not contain any spaces, failed. The development team went further in the direction of only performing input validation. Can you find out where it went wrong this time?

Read about the lesson goal in SQL Injection Advanced (3).

Solution

  • Hints: They are the same as the ones in the previous exercises.

  • In the previous exercise we substituted spaces with comments.

  • From the hints we know that WebGoat uses HyperSQL as a relational database system.

  • We can use a nested, or obfuscated, SQL keyword technique to bypass non-recursive validation.

  • The solution is to nest a SELECT inside a SELECT by typing SELSELECTECT. We can also use frfromom instead of 'from', and an HSQLDB comment instead of white space.

The query would be: a';/**/seselectlect/**/*/**/frfromom/**/user_system_data;--
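
As an added example (not WebGoat's or Cycubix's code), this Python sketch models the non-recursive keyword filter described above and contrasts it with a parameterized query, which is the actual mitigation. The filter logic, the `accounts` table and its row are assumptions constructed for illustration.

```python
import sqlite3

# The page's solution input, with /**/ comments standing in for spaces.
PAYLOAD = "a';/**/seselectlect/**/*/**/frfromom/**/user_system_data;--"
BLOCKED = ("FROM", "SELECT")  # assumed keyword blocklist


def single_pass_filter(value: str) -> str:
    """Assumed model of the flawed check: strip each keyword once, reject spaces."""
    cleaned = value.upper()
    for keyword in BLOCKED:
        # str.replace scans once; text joined by a removal is never rescanned.
        cleaned = cleaned.replace(keyword, "")
    if " " in cleaned:
        raise ValueError("spaces are not allowed")
    return cleaned


def keywords_after_filter(value: str) -> list:
    """Keywords still present in the 'validated' value (should be empty)."""
    cleaned = single_pass_filter(value)
    return [k for k in BLOCKED if k in cleaned]


def make_db() -> sqlite3.Connection:
    """In-memory database with a constructed, hypothetical accounts table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE accounts (userid TEXT PRIMARY KEY, name TEXT)")
    conn.execute("INSERT INTO accounts VALUES ('a', 'alice')")
    return conn


def lookup_parameterized(conn: sqlite3.Connection, userid: str) -> list:
    """Mitigation: bind the value so it is never parsed as SQL."""
    sql = "SELECT name FROM accounts WHERE userid = ?"
    return conn.execute(sql, (userid,)).fetchall()


if __name__ == "__main__":
    print(single_pass_filter(PAYLOAD))       # keywords are rebuilt by the filter
    print(keywords_after_filter(PAYLOAD))
    db = make_db()
    print(lookup_parameterized(db, "a"))      # legitimate lookup
    print(lookup_parameterized(db, PAYLOAD))  # payload is plain data, no match
```

The filter output still contains both blocked keywords, while the bound parameter is compared as a literal string and matches no row.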
