SQL Injection

General technological topics without their own forum go here

SQL Injection

Post by MarkT on Sun Mar 17, 2013 1:36 am
([msg=74576]see SQL Injection[/msg])

Hey, so I've recently had a big spike in interest in sql injections, and how they work. So I've been going around, seeing what types of errors can come up in different situations, and how to take advantage of these(within legal limits). I found this one "Warning: mysql_fetch_array() expects parameter 1 to be resource" which appears when I do just a simple 'Or1=1-- in the login fields, now I am by no means anything but a novice at this and am still very confused. Anyone know what can become of this error? Thank you in advance
MarkT
New User
New User
 
Posts: 2
Joined: Tue Mar 12, 2013 8:38 pm
Blog: View Blog (0)


Re: SQL Injection

Post by -Ninjex- on Sun Mar 17, 2013 5:22 am
([msg=74577]see Re: SQL Injection[/msg])

More than likely,
The query fails and can not produce a query resource, so it then produces FALSE instead.
Spreading knowledge just once a day, can help keep the script kiddies away ⠠⠵
no_hope if world.map{|person, ic = 0| ic +=1 if ignorance.include?(person)}.compact.length > (world.length / 2)
The absence of evidence is not evidence of absence.
User avatar
-Ninjex-
Addict
Addict
 
Posts: 1059
Joined: Sun Sep 02, 2012 8:02 pm
Blog: View Blog (0)



Return to General

Who is online

Users browsing this forum: No registered users and 0 guests