SQL Injection Intro (10) | Numeric SQL Injection | Cycubix Docs

The query in the code builds a dynamic query by concatenating a number making it susceptible to Numeric SQL injection. Learn more about Numeric SQL Injection

Try It! Numeric SQL injection

The query in the code builds a dynamic query as seen in the previous example. The query in the code builds a dynamic query by concatenating a number making it susceptible to Numeric SQL injection:

"SELECT * FROM user_data WHERE login_count = " + Login_Count + " AND userid = "  + User_ID;

Using the two Input Fields below, try to retrieve all the data from the users table.

Warning: Only one of these fields is susceptible to SQL Injection. You need to find out which, to successfully retrieve all the data.

Solution

💡 Try to check which of the input fields is susceptible to an injection attack. 💡 Insert: 0 or 1 = 1 into the first input field. The output should tell you if this field is injectable. 💡 The first input field is not susceptible to sql injection. 💡 You do not need to insert any quotations into your injection-string.

Login_count: 0
User_Id: 0 OR 1=1

Further training

Visit Cycubix.com to find out more about our Application Security training courses. We also offer (ISC)² Official training for CISSP, SSCP, CCSP and CSSLP certifications.

PreviousSQL Injection Intro (9) | String SQL Injection | Cycubix Docs NextString SQL Injection (11) | Confidentiality | Cycubix Docs

Last updated 3 years ago