An attacker enters the string ‘John’ or ‘1=1’ on a web form that is connected to a back-end SQL server causing the server to display all records in the database table. Which type of SQL injection attack was used in this scenario?

Oct 9, 2023 Last Updated: Oct 9, 2023 No Comments
Tweet Share Pin it
IT Questions BankCategory: Ethical HackerAn attacker enters the string ‘John’ or ‘1=1’ on a web form that is connected to a back-end SQL server causing the server to display all records in the database table. Which type of SQL injection attack was used in this scenario?

An attacker enters the string ‘John’ or ‘1=1’ on a web form that is connected to a back-end SQL server causing the server to display all records in the database table. Which type of SQL injection attack was used in this scenario?

  • error-based SQL injection
  • inferential SQL injection
  • boolean SQL injection
  • out-of-band SQL injection

Explanation: Since the string ‘1=1’ is always true, the search string serves as a Boolean value of TRUE, causing the database system to display all records.

Exam with this question: Ethical Hacker: Course Final Exam Answers

Subscribe
Notify of
guest

0 Comments
Inline Feedbacks
View all comments
0
Would love your thoughts, please comment.x
()
x