Identify SQL injection attack from the HTTP requests shown below:
A.
http://www.victim.com/example?accountnumber=67891&creditamount=999999999
B.
http://www.myserver.com/search.asp?lname=smith%27%3bupdate%20usertable%20set%20pass wd%3d%27hAx0r%27%3b–%00
C.
http://www.myserver.com/script.php?mydata=%3cscript%20src=%22http%3a%2f%2fwww.yourser ver.c0m%2fbadscript.js%22%3e%3c%2fscript%3e
D.
http://www.xsecurity.com/cgiin/bad.cgi?foo=..%fc%80%80%80%80%af../bin/ls%20-al
Explanation:
Explantion: The correct answer contains the code to alter the usertable in order to change the password for user smith to hAx0r
I have the same idea. B