344
◾
Ethical Hacking and Penetration Testing Guide
When dealing with integer-based SQL injection, you don’t need the single quote to be associ-
ated with the rest of the query.
In the following query, the value of user_id
is set to an integer, so we don’t have to use single
quote every time we inject our SQL statements.
SELECT * FROM users WHERE user_id=1 [SQL Statement]
In the case of a string-based sql injection, you would need to append the ‘every time you inject
an SQL statement and append --+ (+ denotes a single space character
in the URL-encoded form,
so DB renders it as “--“ (without quotes) at the end of your query. Take an example of the following
statement, where the value of user_id is a string. The injection would look like
SELECT * FROM users WHERE user_id='1' ' [SQL Statement] --+
Dostları ilə paylaş: