Question

What is the most common SQL Injection Attack code that could be put into a vulnerable website textbox that means "OR True"?

Answer 1

The most common SQL Injection Attack code that can be put into a website could be-

' OR 1=1# OR ' OR 1=1-- (Note: there is a space after --)

Explanation:

To understand the above code, let's just consider one simple example where you have a search box and in that, you have entered the number about which you want all the entries.

2

In this case, there's an SQL query will run in the backend that would fetch the data, it could be-

SELECT * FROM Items WHERE id = '2'

In the second scenario, we're trying to be quiet malicious and entered an SQL Injection Attack code-

' OR 1=1#

In this case, the backend query becomes,

SELECT * FROM Items WHERE id = '' OR 1=1#'

Here, the first single-quote will balance the query and cope-up with the single-quote in the statement,

Then, OR will add a Boolean condition where, if either side of the statement of OR will be true then, the entire statement will become true for all.

1=1 is the statement that is true in any case, and thanks to OR, it'll make the entire statement true.

At last,# is used to comment out the rest part of the SQL statement and hence the single-quote at the end of th statement gets commented out.

In the newer versions of SQL (-- ) might need to be used instead of #.