Sql Injection queries

Question

I have a website which contains sql injection vulnerability but i can exploit it, just because of some filtration by the web server.

So i have a payload order by 4 to find the columns but i can't find. I don't know whats happening but when i use this payload it works ' order by 4--+ when this payload executes i get the column error.

So what happens with the second one? The main doubt is what is the work of the --+ and why is it necessary to put a single tick (') in second payload?

worth reading this https://stackoverflow.com/questions/601300/what-is-sql-injection — Ian Kenney, Aug 24 '17 at 11:41
Ppl gave negative votes bcuz StackOverflow is for broken code you can ask this types of question in https://security.stackexchange.com — Rajendran Nadar, Aug 24 '17 at 12:13

score 1 · Answer 1 · answered Aug 24 '17 at 15:38

1

I think that the -- in sql means : comment what is forwarding.

You should use a ' to don't get sql syntaxe errors on your injection and to see the result.

If you use PHP, just take a look for The Documentation. Wish it could help you.

Good luck

answered Aug 24 '17 at 15:38

N.YAICI

29
1
11

@Utkarsh , Did this help ? – N.YAICI Aug 25 '17 at 08:51
Hey, and just take a look [this post explaining how to prevent SQL injections in php](https://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php?rq=1). – N.YAICI Aug 25 '17 at 09:39
Yeah absolutely, and sorry! for not replying you. – Utkarsh Agrawal Aug 25 '17 at 13:05
You're welcome. Don't forget to make this post as resolved ! – N.YAICI Aug 26 '17 at 13:34

Sql Injection queries

1 Answers1