Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > comp.databases.ms-sqlserver > #1865
| Path | csiph.com!v102.xanadu-bbs.net!xanadu-bbs.net!feeder.erje.net!eu.feeder.erje.net!eternal-september.org!feeder.eternal-september.org!mx02.eternal-september.org!.POSTED!not-for-mail |
|---|---|
| From | Lennart Jonsson <erik.lennart.jonsson@gmail.com> |
| Newsgroups | comp.databases.ms-sqlserver |
| Subject | Re: SQl -injection |
| Date | Wed, 28 Jan 2015 14:41:48 +0100 |
| Organization | A noiseless patient Spider |
| Lines | 31 |
| Message-ID | <maaotr$e36$1@dont-email.me> (permalink) |
| References | <maai3j$iu8$1@dont-email.me> |
| Mime-Version | 1.0 |
| Content-Type | text/plain; charset=windows-1252; format=flowed |
| Content-Transfer-Encoding | 7bit |
| Injection-Date | Wed, 28 Jan 2015 13:41:15 +0000 (UTC) |
| Injection-Info | mx02.eternal-september.org; posting-host="5f53882e1b0b5de864e88de647f19c93"; logging-data="14438"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX18kjZO2S4SUAghCJmf2/E50" |
| User-Agent | Mozilla/5.0 (X11; Linux i686; rv:31.0) Gecko/20100101 Thunderbird/31.3.0 |
| In-Reply-To | <maai3j$iu8$1@dont-email.me> |
| Cancel-Lock | sha1:tjolArO/iSSnbJrY7s/+DuojH0M= |
| Xref | csiph.com comp.databases.ms-sqlserver:1865 |
Show key headers only | View raw
On 2015-01-28 12:45, Tony Johansson wrote:
> In the form there is a text field for name
>
> This query is meant to be used like his
> select Namn, Adress, Telefonnummer
> from Abonnent
> where Namn = 'Olle Karlsson' //This name is fetched from the text
> field name in the form
> and hemligtNummer = false;
>
> If now the user enter some strange character in the text field in the
> form like this
> select Namn, Adress, Telefonnummer
> from Abonnent
> where Namn = 'Olle Karlsson' or 'a'='a' or 'a'='a'
> and hemligtNummer = false;
>
> I don't understand how the second query can result that all rows will be
> fetched
>
The where clause evaluates to
where Namn = 'Olle Karlsson'
or 'a'='a'
or ('a'='a' and hemligtNummer = false);
/Lennart
Back to comp.databases.ms-sqlserver | Previous | Next — Previous in thread | Next in thread | Find similar
SQl -injection "Tony Johansson" <johansson.andersson@telia.com> - 2015-01-28 12:45 +0100
Re: SQl -injection Lennart Jonsson <erik.lennart.jonsson@gmail.com> - 2015-01-28 14:41 +0100
Re: SQl -injection "Tony Johansson" <johansson.andersson@telia.com> - 2015-01-29 11:03 +0100
Re: SQl -injection Erland Sommarskog <esquel@sommarskog.se> - 2015-01-28 13:45 +0000
csiph-web