search

A3:2021 | SQL Injection Mitigation (10) | Cycubix Docs

hashtag
Input validation alone is not enough!!

So the last attempt to validate if the query did not contain any spaces failed, the development team went further into the direction of only performing input validation, can you find out where it went wrong this time?

Read about the lesson goal in SQL Injection Advanced (3).

hashtag
Solution

  • Hints: Are the same that the ones in the previous exercises.

  • In the previous exercise we subtitute spaces with comments.

  • From the hints we know that WebGoat uses HiperSQLarrow-up-right as a relational database system.

  • We can use a nested or obfuscated SQL keywords technique to bypass non-recursive validation.

  • The solution is to nest a SELECT in a Select by typing SELSELECTECT. We can also use frfromom instead of 'from', and HSQLDB comment instead of white space.

The query would be: a';//seselectlect//*//frfromom//user_system_data;--

PreviousA3:2021 | SQL Injection Mitigation (9) | Cycubix DocsNextA3:2021 | SQL Injection Mitigation (11) | Cycubix Docs

Last updated

Was this helpful?