SQL Injection Intro (9) | String SQL Injection | Cycubix Docs

The code builds a dynamic query by concatenating strings, which makes it vulnerable. Try to solve our string SQL injection exercise.

Try It! String SQL injection

The query in the code builds a dynamic query, as seen in the previous example. The query is built by concatenating strings, making it susceptible to string SQL injection:

"SELECT * FROM user_data WHERE first_name = 'John' AND last_name = '" + lastName + "'";

Using the form below try to retrieve all the users from the users' table. You should not need to know any specific user name to get the complete list.

Solution

💡 Remember that for a successful SQL injection the query needs to always evaluate to true.

SELECT * FROM users_data FIRST_NAME = 'John' and Last_NAME = ' ' + or + '1'='1
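To make the concatenation problem and its fix concrete, here is an added example (not code from the lesson or from Cycubix) that rebuilds the lesson's query over a small in-memory SQLite table. The table name and columns follow the query shown above; the three sample rows are constructed for this demo. The vulnerable function concatenates the last name exactly as the lesson does, the safe function passes it as a bound parameter, and both are run with an ordinary name and with the always-true input from the hint, so you can see that the parameterised version returns nothing for that input instead of the whole table.

```python
import sqlite3

# Constructed sample rows; the real lesson table has more columns, which are
# irrelevant here.
USERS = [
    ("John", "Smith"),
    ("John", "Doe"),
    ("Jane", "Roe"),
]


def make_db():
    """Create an in-memory table shaped like the lesson's user_data."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE user_data (first_name TEXT, last_name TEXT)")
    conn.executemany("INSERT INTO user_data VALUES (?, ?)", USERS)
    return conn


def lookup_vulnerable(conn, last_name):
    """Mirror the lesson: user text is pasted into the SQL and becomes syntax.

    With last_name = "' or '1'='1" the string sent to the database is
        ... AND last_name = '' or '1'='1'
    and because AND binds tighter than OR the WHERE clause is true for
    every row.
    """
    query = (
        "SELECT * FROM user_data WHERE first_name = 'John' AND last_name = '"
        + last_name
        + "'"
    )
    return conn.execute(query).fetchall()


def lookup_safe(conn, last_name):
    """Hardened form: the value travels as a bound parameter, so quotes and
    keywords inside it are compared as data, never parsed as SQL."""
    query = "SELECT * FROM user_data WHERE first_name = 'John' AND last_name = ?"
    return conn.execute(query, (last_name,)).fetchall()


def demo():
    """Run both lookups with a normal name and with the lesson's input."""
    conn = make_db()
    always_true = "' or '1'='1"  # the input the hint above describes
    return {
        "normal_vulnerable": lookup_vulnerable(conn, "Smith"),
        "normal_safe": lookup_safe(conn, "Smith"),
        "payload_vulnerable": lookup_vulnerable(conn, always_true),
        "payload_safe": lookup_safe(conn, always_true),
    }


if __name__ == "__main__":
    for name, rows in demo().items():
        print(f"{name}: {len(rows)} row(s) -> {rows}")
```

For a legitimate name both functions return the same single row; for the always-true input the concatenated query returns all three rows while the parameterised query returns none, because no user literally has the last name `' or '1'='1`. The fix is the same in Java: build the statement with `PreparedStatement` and `setString` instead of `+`.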

Further training

Visit Cycubix.com to find out more about our Application Security training courses. We also offer (ISC)² Official training for CISSP, SSCP, CCSP and CSSLP certifications.