ChrisPHP Posted January 8, 2013 Share Posted January 8, 2013 Hey everyone, I hope that you're doin all great.. So I decided to learn about sql injections more to comprehend how hackers actually think.. Let's say i know the structure of a database for a certain website, it has client as table and username as field and I want to 'hack' my way to the website; I know about ' or '1'='1 and I know how it actually functions.. My question is, can I select a certain row in a field while login in using { or 1= ( SELECT username FROM client ) -- } ? If yes, what's the proper syntax because it's giving a syntax error Quote Link to comment https://forums.phpfreaks.com/topic/272865-sql-injection/ Share on other sites More sharing options...
fenway Posted January 13, 2013 Share Posted January 13, 2013 I'm not going to tell you how to perform MySQL injections -- but suffice it to say that most of them have to do with the WHERE clause. Quote Link to comment https://forums.phpfreaks.com/topic/272865-sql-injection/#findComment-1405383 Share on other sites More sharing options...
ChrisPHP Posted January 14, 2013 Author Share Posted January 14, 2013 Ok I think I know what you're talking about I'll check it out when I'll finish my finals.. I don't expect anyone will help more than that.. Thank you anyways I'll mark this as solved anw... Quote Link to comment https://forums.phpfreaks.com/topic/272865-sql-injection/#findComment-1405672 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.