Friday, May 23, 2008

PHP Hacking 1 = 1

'1=1' is the classic example of a SQL injection attack. For authentication, some PHP front ends store the user ID and password in a database. Typically, a query like the following validates the information the user supplies, with the submitted values placed between the quotes:

SELECT * FROM users
WHERE user=''
AND passwd=''

A simple hacker like me ;-) can carry out a SQL injection attack by specifying:
User: Any
Password: OR 1 =1

This will give me access to the site. Depending on the query, you may need to try other variations, such as:

Password: ') OR ('1=1')

The idea is to inject 1=1 (which is true) into the SQL statement so that the WHERE clause evaluates to TRUE.
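
As an added example (not code from the original post), here is the query above built by string concatenation next to the same lookup as a PDO prepared statement, run against an in-memory SQLite table. The `alice` row, the function names `login_concat` and `login_prepared`, and the test inputs are constructed for illustration; the last input is the post's OR 1=1 written so that it closes the string literal.

```php
<?php
// Added example: table contents, account and function names are constructed.
// Assumes the pdo_sqlite extension so the demo runs without a database server.
// The plaintext passwd column mirrors the post's query; real schemas store a hash.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE users (user TEXT PRIMARY KEY, passwd TEXT)");
$db->exec("INSERT INTO users VALUES ('alice', 'correct horse')");

// Vulnerable: input is pasted between the quotes of the query, so a quote
// in the input ends the string literal and the rest is parsed as SQL.
function login_concat(PDO $db, string $user, string $passwd): bool
{
    $sql = "SELECT * FROM users WHERE user='$user' AND passwd='$passwd'";
    return $db->query($sql)->fetch() !== false;
}

// Hardened: the statement text is fixed; values travel as bound parameters
// and are only ever compared as data.
function login_prepared(PDO $db, string $user, string $passwd): bool
{
    $stmt = $db->prepare(
        "SELECT * FROM users WHERE user = :user AND passwd = :passwd"
    );
    $stmt->execute([':user' => $user, ':passwd' => $passwd]);
    return $stmt->fetch() !== false;
}

// Constructed inputs: a valid login, a wrong password, and a tautology.
$cases = [
    ['alice', 'correct horse'],
    ['alice', 'wrong'],
    ['Any',   "' OR '1'='1"],
];
foreach ($cases as [$u, $p]) {
    printf("%-6s %-16s concat=%-5s prepared=%s\n", $u, $p,
        var_export(login_concat($db, $u, $p), true),
        var_export(login_prepared($db, $u, $p), true));
}
```

Only the third case differs between the two functions: the concatenated query's WHERE clause becomes true for every row, while the prepared statement looks for a user literally named `Any` with that string as the password and finds none.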

Happy Hacking...
