Given the database schema below, and a form that asks a user to provide their account number
Fantastic news! We've Found the answer you've been seeking!
Question:
Given the database schema below, and a form that asks a user to provide their account number in order to retrieve the account balance through the following query, craft a SQL injection attack that would allow customer John Doe to "steal" $500 from customer Homer Simpson.
SELECT Balance
FROM Accounts
WHERE Account_Num =
a) the rationale for why you set it up the way you did
b) what the expected result(s) will be if the attack was to be carried out.
Related Book For
Principles Of Information Security
ISBN: 9780357506431
7th Edition
Authors: Michael E. Whitman, Herbert J. Mattord
Posted Date: