# Sql-Injection-Test
> Version: 1.0.23110.1 \
> Created by: Jali <jali@orca-central.de> \
> Last Modified by: Jali <jali@orca-central.de>

## About
This project implements a very simple web service that is vulnerable to an SQL
injection attack. A simple web page is protected by a user name and password;
the password is checked by querying the database for the given user name and
password and checking whether a matching row exists. If it does, the user is
granted access to the web page; if not, they are sent back to the login page.

The SQL queries, however, are vulnerable to SQL injection, so a user can gain
access simply by entering a statement such as

```
wurst' OR '1'='1
```

into the password field. The condition `'1'='1'` in the WHERE clause is always
true, so the statement always returns a list of all users.

The example creates an in-memory database with users Alice and Bob.
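The README does not say which language the service is written in, so the following is an added Python illustration, not the project's own code. It rebuilds the in-memory user table (Alice and Bob; their passwords here are made-up values), puts the string-concatenated login query beside a parameterized one, and shows that the payload quoted above matches every row in the first form and no row in the second. The function and column names are assumptions.

```python
import sqlite3

# Constructed in-memory table mirroring the README's Alice and Bob.
# The passwords are assumed sample values, not anything from the project.
def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT NOT NULL, password TEXT NOT NULL)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [("Alice", "alice-secret"), ("Bob", "bob-secret")],
    )
    conn.commit()
    return conn


def login_vulnerable(conn, username, password):
    # The user's input is spliced into the SQL text, so quotes and keywords
    # in the password are parsed as part of the statement.
    query = (
        "SELECT name FROM users WHERE name = '" + username
        + "' AND password = '" + password + "'"
    )
    rows = conn.execute(query).fetchall()
    return sorted(r[0] for r in rows)


def login_parameterized(conn, username, password):
    # Placeholders: the driver hands the values to SQLite separately, so the
    # password is compared as a literal string and never parsed as SQL.
    rows = conn.execute(
        "SELECT name FROM users WHERE name = ? AND password = ?",
        (username, password),
    ).fetchall()
    return sorted(r[0] for r in rows)


def is_authenticated(rows):
    # The README's service grants access whenever the query returns a row.
    return len(rows) > 0


if __name__ == "__main__":
    db = make_db()
    payload = "wurst' OR '1'='1"
    # AND binds tighter than OR, so the concatenated WHERE clause becomes
    # (name = 'nobody' AND password = 'wurst') OR '1'='1', which is always true.
    print("vulnerable:", login_vulnerable(db, "nobody", payload))      # both users
    print("parameterized:", login_parameterized(db, "nobody", payload))  # no users
```

The difference is entirely in how the password reaches the database: in the first function it is part of the query text, in the second it is a bound value. Any login check built on string concatenation behaves like `login_vulnerable` regardless of how the password is otherwise validated.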