Sql Injection on login form

Asked By parthivpatel 0 points N/A Posted on - 09/14/2012

Hi All,
I use the following access details in login page to check ksql injection.

User Name : admin'
Password "- 1234567

and receive a alert message so it means my site is secure with sql injection.

Please correct me if i am wrong.

Thanks

Parthiv

Status: Open
Question Views: 941
Answer Count: 1
Vote Up 0 Vote Down

Answer Accepted: No
Question Category: Security

Answered By Galaline Samuel 0 points N/A #162224

Sql Injection on login form

Hi,

The credentials what you are using is not a SQL injection rather it is just a normal username and password. But the code thinks that it is false and returns that password is matched.

The original SQL injection string is : 'or''='

Use the provided string as you website password and try using it.

use something like this.

Username : admin

Password : 'or''=' (This is nothing but SQL injection password)

Please let me know if you need any more help on the same.

About Galaline Samuel

Questions
1

Answers
201

Best Answers
54

Vote Up 0 Vote Down

Posted on - 09/15/2012
Question Category: Security

Sql Injection on login form

Sql Injection on login form

How to download python webcam from remote pc?

What are the best website testing interview questions?

Related Questions

Latest Articles

How To Use Data Analytics To Make Better Business Decisions

Honor Mom This Mother’s Day With The Perfect Kitchen Upgrade: The Sylvox 15.6″ Under...

Loft Vs. Outdoor TV Aerials: Pros, Cons, And Best Practices

Latest Blogs

Top 10 New Laptop Entrants That Shook The Public

10 Facts About The Dark Web

Top 10 Latest Steam Cleaner Machines

Latest Tips

Top 10 Internet Monitoring Software

Top 10 Best Partition Manager Software

Top 10 Best Online Music Production Software