Q: Login SQL Injection
So I have here a classic login select statement:
select * from users where username = '{var}' and password = md5('{var}')
Attack:
select * from users where username = 'admin' -- ' and password = md5('{var}')
My question: is it still susceptible to SQL injection if I use this statement instead?
select * from users where password = md5('{var}') and username = '{var}'
Yes.
Just set the username variable to xxx' or 1=1--
It becomes:
...and username = 'xxx' or 1=1--
Parametrise correctly.
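To make the answer above concrete, here is an added example (not code from the question or the answer) that runs both condition orders against an in-memory SQLite database. The users table, the stored credentials and the md5() SQL function are constructed here as assumptions so the query shape from the question executes unchanged; password_first selects which of the two orderings is built. The vulnerable function interpolates the inputs into the string, the safe one passes them as bound parameters.

```python
import hashlib
import sqlite3


def setup_db():
    """Constructed fixture: one user, password stored as md5 (weak, but it is
    what the question's query expects). md5() is registered as a SQL function
    so 'password = md5(...)' works in SQLite, which has no built-in md5."""
    conn = sqlite3.connect(":memory:")
    conn.create_function("md5", 1, lambda s: hashlib.md5(s.encode()).hexdigest())
    conn.execute("create table users (username text, password text)")
    conn.execute("insert into users values (?, md5(?))", ("admin", "s3cret"))
    conn.commit()
    return conn


def login_vulnerable(conn, username, password, password_first=True):
    """Builds the login query by string interpolation (the bug). With
    password_first=True the password condition comes first, as in the
    question's proposed rewrite; False reproduces the original order."""
    user_cond = f"username = '{username}'"
    pass_cond = f"password = md5('{password}')"
    conds = [pass_cond, user_cond] if password_first else [user_cond, pass_cond]
    sql = "select username from users where " + " and ".join(conds)
    return [row[0] for row in conn.execute(sql)]


def login_safe(conn, username, password):
    """Same query with bound parameters: the inputs never reach the SQL
    parser as syntax, so quotes and '--' are just characters in a value."""
    sql = "select username from users where password = md5(?) and username = ?"
    return [row[0] for row in conn.execute(sql, (password, username))]


if __name__ == "__main__":
    conn = setup_db()
    # Original order: the classic admin' -- payload comments out the
    # password check entirely.
    print(login_vulnerable(conn, "admin' -- ", "wrong", password_first=False))
    # Reordered: admin' -- no longer helps, because the (failing) password
    # check is already ANDed in front of the username condition...
    print(login_vulnerable(conn, "admin' -- ", "wrong", password_first=True))
    # ...but 'or 1=1' still wins: (false and username='xxx') or 1=1 is true.
    print(login_vulnerable(conn, "xxx' or 1=1--", "wrong", password_first=True))
    # The parametrised version rejects the same payload.
    print(login_safe(conn, "xxx' or 1=1--", "wrong"))
    print(login_safe(conn, "admin", "s3cret"))
```

Note the precedence: in SQL, AND binds tighter than OR, so "password = md5('wrong') and username = 'xxx' or 1=1" groups as "(false and false) or true". Reordering the conditions only defeats the specific "admin' --" payload; any injection that appends an OR clause, or comments out the rest, still bypasses the check.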