search

A3:2021 | SQL Injection Intro (10) | Cycubix Docs

The query in the code builds a dynamic query by concatenating a number making it susceptible to Numeric SQL injection. Learn more about Numeric SQL Injection.

hashtag
Try It! Numeric SQL injection

The query in the code builds a dynamic query as seen in the previous example. The query in the code builds a dynamic query by concatenating a number making it susceptible to Numeric SQL injection:

"SELECT * FROM user_data WHERE login_count = " + Login_Count + " AND userid = "  + User_ID;

Using the two Input Fields below, try to retrieve all the data from the users table.

Warning: Only one of these fields is susceptible to SQL Injection. You need to find out which, to successfully retrieve all the data.

hashtag
Solution

  • The User_ID at the end is not part of the STRING so its going to be our vulnerable field.

  • We need to find statements that follows a technique for evaluating truth. We can insert 0 in the loging account and 1 OR 0=0.

  • Hint: You do not need to insert any quotations into your injection-string.

  • Login_count: 0

hashtag
Further training

Visit Cycubix.comarrow-up-right to find out more about our Application Security training coursesarrow-up-right. We also offer (ISC)² Official training for CISSP, SSCP, CCSP and CSSLP certificationsarrow-up-right.

PreviousA3:2021 | SQL Injection Intro (9) | Cycubix DocsNextA3:2021 | SQL Injection Intro (11) | Cycubix Docs

Last updated

Was this helpful?