ERO! Posted August 19, 2014 Share Posted August 19, 2014 If you had to change your name. What Would You Change It To? I would change mine to Hammond Cheese Quote Link to comment Share on other sites More sharing options...
Flutterz Posted August 19, 2014 Share Posted August 19, 2014 Robert'); DROP TABLE Students;--, of course. Nosebleed, Stray Cat, 傍観者 and 2 others 5 Quote Link to comment Share on other sites More sharing options...
ERO! Posted August 19, 2014 Author Share Posted August 19, 2014 Honestly, i dont get it Quote Link to comment Share on other sites More sharing options...
Nosebleed Posted August 19, 2014 Share Posted August 19, 2014 Honestly, i dont get it In SQL, commands are separated by semicolons ; and data is often quoted using single quotes '. Commands may also be enclosed in parentheses( and ). Data is stored in tables of similar items (e.g. students) and individual entries are "rows" in the table. To delete an entire table (and every row of data in that table), you use the commandDROP (e.g. DROP TABLE students). The -- represents the start of a SQL comment which ensures that the rest of the command is ignored so an error will not occur. The exploited vulnerability is that the single quote in the name input was not properly "escaped" by the software. Thus, when the name is embedded into some SQL statement, the quote is erroneously parsed as a closing quote inside that statement, rather than being parsed as part of the name. Lack of such escaping is a common SQL vulnerability; this type of exploit is referred to as SQL injection. Quote Link to comment Share on other sites More sharing options...
ERO! Posted August 19, 2014 Author Share Posted August 19, 2014 Ah i get it now, thanks Quote Link to comment Share on other sites More sharing options...
RichardDRichards Posted August 22, 2014 Share Posted August 22, 2014 Seto Kaiba, then I can screw the rules. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.