Which of the following can the attacker use to launch an SQL injection attack?

SQL injection attacks are becoming significantly more popular amongst hackers and there
has been an estimated 69 percent increase of this attack type. This exploit is used to great
effect by the hacking community since it is the primary way to steal sensitive data from web
applications. It takes advantage of non-validated input vulnerabilities to pass SQL
commands through a web application for execution by a backend database. The below
diagram shows how attackers launchedSQL injection attacks on web applications.

Which of the following can the attacker use to launch an SQL injection attack?

SQL injection attacks are becoming significantly more popular amongst hackers and there
has been an estimated 69 percent increase of this attack type. This exploit is used to great
effect by the hacking community since it is the primary way to steal sensitive data from web
applications. It takes advantage of non-validated input vulnerabilities to pass SQL
commands through a web application for execution by a backend database. The below
diagram shows how attackers launchedSQL injection attacks on web applications.

Which of the following can the attacker use to launch an SQL injection attack?

A.
Blah’ “2=2 –“

B.
Blah’ and 2=2 —

C.
Blah’ and 1=1 —

D.
Blah’ or 1=1 —



Leave a Reply 2

Your email address will not be published. Required fields are marked *


Shadow

Shadow

“D” ECSAv8 pg. 604

Q 

Q 

In ECSA exam, D is the correct answer.

However, B and C can be used to detect “boolean-based” sql injection.