Revisions to How can I test my PHP MySQL injection example?

deleted 7 characters in body

Source Link

edited Apr 2, 2013 at 7:22

Kovge

If the value of username is:

 $_POST['user'] = "1' OR 1 LIMIT 1; --";

Then the mysql query becomes:

select * 
from zend_adminlist 
where user_name = '1' OR 1
  LIMIT 1; 
 --' and password = '$pass'

If the value of username is:

 $_POST['user'] = "1' OR 1 LIMIT 1; --";

Then the mysql query becomes:

select * 
from zend_adminlist 
where user_name = '1' OR 1
 LIMIT 1; 
 --' and password = '$pass'

If the value of username is:

 $_POST['user'] = "1' OR 1 LIMIT 1; --";

Then the mysql query becomes:

select * 
from zend_adminlist 
where user_name = '1' OR 1 LIMIT 1; --' and password = '$pass'

Grammar and stuffs

Source Link

Lemon Drop

If the value of username is:

 $_POST['user'] = "1' OR 1 LIMIT 1; --";

ThanThen the mysql query becomebecomes:

select * 
from zend_adminlist 
where user_name = '1' OR 1
LIMIT 1; 
--' and password = '$pass'

If the value of username is:

 $_POST['user'] = "1' OR 1 LIMIT 1; --";

Than the query become:

select * 
from zend_adminlist 
where user_name = '1' OR 1
LIMIT 1; 
--' and password = '$pass'

If the value of username is:

 $_POST['user'] = "1' OR 1 LIMIT 1; --";

Then the mysql query becomes:

select * 
from zend_adminlist 
where user_name = '1' OR 1
LIMIT 1; 
--' and password = '$pass'

Source Link

answered Apr 2, 2013 at 7:13

Kovge

If the value of username is:

 $_POST['user'] = "1' OR 1 LIMIT 1; --";

Than the query become:

select * 
from zend_adminlist 
where user_name = '1' OR 1
LIMIT 1; 
--' and password = '$pass'

Return to Answer