
simple SQL injection not working...


ghost

Hello. I'm trying to understand and learn SQL injection, so I made my own website with a login page and tried a simple SQL injection (' OR 'x'='x in the password box). But it didn't work. I did some digging and found out that the password value which the script received from $_POST had backslashes in it (\' OR \'x\'=\'x)

```php
<?php
// Assumes mysql_connect() / mysql_select_db() were already called earlier in the file.
session_start(); // needed before $_SESSION can be used

if($_SERVER["REQUEST_METHOD"] == "POST")
{
    // username and password sent from Form
    $myusername=$_POST['username'];
    $mypassword=$_POST['password'];
    echo $mypassword; // debug output: this is where the backslashes show up

    // Input is concatenated straight into the query (this is the injectable part of the exercise)
    $sql="SELECT id FROM Users WHERE user='$myusername' and pass='$mypassword'";
    $result=mysql_query($sql);
    $row=mysql_fetch_array($result);
    $count=mysql_num_rows($result);

    // If result matched $myusername and $mypassword, table row must be 1 row
    if($count==1)
    {
        session_register("myusername"); // deprecated in PHP 5.3; $_SESSION below is what actually matters
        $_SESSION['login_user']=$myusername;
        header("location: welcome.php");
        exit(); // stop the script so nothing runs after the redirect
    }
    else
    {
        $error="Your Login Name or Password is invalid";
        echo $error;
    }
}
```
I cannot understand where the '\' comes from??? :angry:

ghost

The version of PHP is 5.3.5, so I guess it is magic quotes… Is there any way to bypass it?


starofale (Member)

Well, magic quotes has been deprecated since 5.3.0, so I would hope that means it's disabled by default. I'm guessing you're not running this on your own machine, so you could check phpinfo() for the setting "magic_quotes_gpc" to confirm whether this is the problem.

As for a solution, you could simply run stripslashes() on your input. Or you could change the value of magic_quotes_gpc with ini_set().
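The behaviour discussed in this thread, side by side, as an added example that is not code from the original posts: the same concatenated query as the question, what magic_quotes_gpc turned the input into, the driver's own quoting, and a prepared statement. It runs against an in-memory SQLite table; the table and column names (Users, user, pass) and the sample row are assumed/constructed.

```php
<?php
// Added example, not code from the thread. Uses an in-memory SQLite table so it
// runs offline; table/column names and the sample row are constructed here.

$db = new PDO('sqlite::memory:');
$db->exec("CREATE TABLE Users (id INTEGER PRIMARY KEY, user TEXT, pass TEXT)");
$db->exec("INSERT INTO Users (user, pass) VALUES ('alice', 'correct-horse')");

/** Same string concatenation as the script in the question. */
function vulnerableQuery($user, $pass) {
    return "SELECT id FROM Users WHERE user='$user' and pass='$pass'";
}

/** Same query, but every value goes through the driver's own quoting. */
function quotedQuery(PDO $db, $user, $pass) {
    return "SELECT id FROM Users WHERE user=" . $db->quote($user)
         . " and pass=" . $db->quote($pass);
}

/** Prepared statement: the SQL text and the values travel separately. */
function preparedCount(PDO $db, $user, $pass) {
    $stmt = $db->prepare("SELECT id FROM Users WHERE user = ? AND pass = ?");
    $stmt->execute(array($user, $pass));
    return count($stmt->fetchAll());
}

function rowCount(PDO $db, $sql) {
    return count($db->query($sql)->fetchAll());
}

$user = 'alice';
$pass = "' OR 'x'='x"; // the string from the question, typed into the password box

// What magic_quotes_gpc did to the input before the script saw it: addslashes().
// The backslash form only disarms quotes in databases that treat \ as an escape
// (MySQL does, SQLite does not), which is why this example uses quote() instead.
echo "with magic quotes the script receives: " . addslashes($pass) . "\n";

echo "concatenated: " . vulnerableQuery($user, $pass) . "\n";
echo "  rows matched: " . rowCount($db, vulnerableQuery($user, $pass)) . "\n";

echo "quoted:       " . quotedQuery($db, $user, $pass) . "\n";
echo "  rows matched: " . rowCount($db, quotedQuery($db, $user, $pass)) . "\n";

echo "prepared rows matched: " . preparedCount($db, $user, $pass) . "\n";
```

The concatenated query matches every row because the WHERE clause becomes always true, while the quoted and prepared versions compare the password against the literal text and match nothing; stripslashes() or ini_set() only change which of the first two cases you are in, the prepared statement removes the problem regardless of the magic_quotes_gpc setting.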