Question: show steps. Please help! In this task you will use an SQL injection attack on a SELECT statement in order to log in without providing
show steps.
Please help!
In this task you will use an SQL injection attack on a SELECT statement in order to log in without providing a password. On the login form of the Collabtive website, there are input fields for the username and password. The PHP code handling the login looks roughly like this: $user POSTusername'1) $hash-SHA1(_POST 'password ']); $query "SELECT ID, name FROM user WHERE (name ,$user, OR emailuser') AND pass'$hash'"; $handlemysql_query ($query); $resultsmsqyl fetch_array ($handle); if (found one record) t allow the user to login reject login For your information, there are several accounts in the application, one of which has the username seed. Also for your information, the database used by the web application is MySQL. Recall that comments in MySQL's version of SQL begin either with a hash character( # ) or two dashes followed by a space (-) (the space after the two dashes is critical!) 4-1. [2 marks| Based on the source code, which field in the login form is a candidate for an SQL injection attack - username or password? Why? 4-2. [2 marks] What did you enter to carry out a successful SQL injection attack on the login page? Why did it work
Step by Step Solution
There are 3 Steps involved in it
Get step-by-step solutions from verified subject matter experts
Study Help