How deeply to test SQL injection vulnerability

Asked Mar 10 '17 at 09:40

Active Feb 10 '23 at 08:22

Viewed 25 times

Image the following situation:

I know(I can see) in the code that before querying to DB using an input field parameter, there is a function which escapes all chars. Pseudo code:

escape_all_chars(input_field_variable)

Is there any point of testing multiple SQL queries in the input field rather than the simplest one?

I mean is it possible to have a complex SQL injection query that can somehow pass the escape_all_chars prevention?

Note: By complex SQL query I am not talking about complex in the way of a many character long query like writing 100k symbols. I am talking about SQL query with complex logic in it.

edited Feb 10 '23 at 08:22

JIST

1,139
2
8
30

asked Mar 10 '17 at 09:40

CuriousGuy

1,545
3
20
42

1

`sql="SELECT * FROM users WHERE id="+escape_all_chars(input_field_variable);` - here you are, a terrible complex SQL injection. – Your Common Sense Mar 10 '17 at 09:48
1

The problem with "escaping" is that people do not understand what it's for and confuse it with something else. – Your Common Sense Mar 10 '17 at 09:49
@YourCommonSense I got what you meant. You are right, I have wrong understanding. Thanks :) – CuriousGuy Mar 10 '17 at 12:02

How deeply to test SQL injection vulnerability

0 Answers0