SQL Injection demo
[CG]Nick
123.8K views
Open Source Your Knowledge, Become a Contributor
Technology knowledge has to be shared and made accessible for free. Join the movement.
SQL code injection
This is a little demonstration of a SQL injection in a simple login application. In our example, a database as been provisionned with an admin user. Their credentials are:
username: admin
password: admin123
In theory it should only be possible to login in the application using this credential, but if the application is not safely programmed, it is possible to penetrate in the system as an admin user without knowing the admin password.
Once you have played a bit with the login application and tried to used valid and invalid credential, use the following values
username: admin
password: unknown' or '1'='1
And observe carrefully the value of the SQL query displayed in the log section.
Run application
1
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
// {
app.post('/login', function (req, res) {
var username = req.body.username; // a valid username is admin
var password = req.body.password; // a valid password is admin123
var query = "SELECT name FROM user where username = '" + username + "' and password = '" + password + "'";
console.log("username: " + username);
console.log("password: " + password);
console.log('query: ' + query);
db.get(query , function(err, row) {
if(err) {
console.log('ERROR', err);
res.redirect("/index.html#error");
} else if (!row) {
res.redirect("/index.html#unauthorized");
} else {
res.send('Hello <b>' + row.name + '</b><br /><a href="/index.html">Go back to login</a>');
}
});
});
app.listen(3000);
Enter to Rename, Shift+Enter to Preview
1
node app.js &
Enter to Rename, Shift+Enter to Preview
1
<!DOCTYPE html>
Enter to Rename, Shift+Enter to Preview
1
form {
Enter to Rename, Shift+Enter to Preview
Open Source Your Knowledge: become a Contributor and help others learn. Create New Content