How can I update a table using SQL Injection?

25,292

You may want to try entering Robert'); DROP TABLE students; -- in your form :)

[Image: xkcd cartoon]

In the above xkcd cartoon, Bobby was probably asked to fill in his name in a form, but he mischievously inserted Robert'); DROP TABLE students; -- as his name. Now imagine if that input was used in this query:

SELECT * FROM students WHERE name = '$input'

As you can see, if we substitute $input for what Bobby entered, you'll get this:

SELECT * FROM students WHERE name = 'Robert'); DROP TABLE students; --'

Which are two very valid SQL commands, and a comment.

You may also want to research earlier Stack Overflow questions on SQL Injection.

Author by

Fero

C00L Developer....

Updated on September 17, 2021
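
An added example (not part of the original answer, and not its author's code) that puts the substitution described above beside a parameterized query. The in-memory SQLite database standing in for MySQL, the function names and the simplified statement counter are assumptions made for illustration.

```python
import sqlite3

TEMPLATE = "SELECT * FROM students WHERE name = '$input'"  # query from the answer
BOBBY = "Robert'); DROP TABLE students; --"                 # input from the answer

def substitute(user_input):
    """Vulnerable pattern: user input is pasted into the SQL text itself."""
    return TEMPLATE.replace("$input", user_input)

def count_statements(sql):
    """Count ';'-separated statements, skipping quoted text and a '--' comment.
    Simplified single-line scanner written for this example, not a SQL parser."""
    count, in_string, pending, i = 0, False, False, 0
    while i < len(sql):
        ch = sql[i]
        if in_string:
            in_string = ch != "'"          # a quote ends the string literal
        elif ch == "'":
            in_string, pending = True, True
        elif sql.startswith("--", i):
            break                          # the rest of the line is a comment
        elif ch == ";":
            count, pending = count + pending, False
        elif not ch.isspace():
            pending = True
        i += 1
    return count + pending

def make_db():
    """Constructed sample data in an in-memory database (assumption)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE students (name TEXT)")
    db.execute("INSERT INTO students VALUES ('Robert')")
    return db

def find_bound(db, user_input):
    """Hardened form: the SQL text is fixed; the input travels as a bound value."""
    sql = "SELECT name FROM students WHERE name = ?"
    return db.execute(sql, (user_input,)).fetchall()

def enrol_bound(db, user_input):
    """Even the cartoon's name is stored as plain data when it is bound."""
    db.execute("INSERT INTO students VALUES (?)", (user_input,))

if __name__ == "__main__":
    print(substitute(BOBBY), "->", count_statements(substitute(BOBBY)), "statements")
    db = make_db()
    enrol_bound(db, BOBBY)
    print(find_bound(db, BOBBY), db.execute("SELECT count(*) FROM students").fetchone())
```

With substitution, the quote inside the input ends the string literal and the statement count changes from one to two; with binding, the same input never becomes part of the SQL text.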

Comments

  • Fero
    Fero over 2 years

    How can I update a table in a MySQL database using SQL Injection?

    I have heard about how we can enter the query in the address bar and it is possible to update a table in the MySQL database. But I am not sure about it.

    Kindly give me an idea, professionals...

  • Fero
    Fero over 13 years
    Is it possible to change by updating the table by entering the query in the URL? Kindly explain.
  • Daniel Vassallo
    Daniel Vassallo over 13 years
    @Fero: Yes it is. For example, if you use the querystring from the URL and insert it into a SELECT statement, as in SELECT * FROM users WHERE username = '$querystring'; then whatever you pass as the querystring can easily terminate that SELECT statement and execute any other statement, as in the above cartoon.
  • Daniel Vassallo
    Daniel Vassallo over 13 years
    In the above cartoon, Bobby was probably asked to fill in his name in a form, but he mischievously inserted Robert'); DROP TABLE students; --... Now imagine if that input was used in this query: SELECT * FROM students WHERE name = '$input'... As you can see, if you substitute $input for what Bobby entered, you'll get this: SELECT * FROM students WHERE name = 'Robert'); DROP TABLE students; --', which are two valid SQL commands.
  • Daniel Vassallo
    Daniel Vassallo over 13 years
    @Fero: You may want to start with the link that @Piskvor suggested in the above comments. Then I'd recommend going through Stack Overflow.