312-50V10 · Question #194
A tester has been hired to do a web application security test. The tester notices that the site is dynamic and must make use of a back end database. In order for the tester to see if SQL injection is
The correct answer is B. Single quote. In SQL injection testing, the single quote is the canonical first character used to probe whether user input is being sanitized and passed directly into a SQL query.
Question
A tester has been hired to do a web application security test. The tester notices that the site is dynamic and must make use of a back end database. In order for the tester to see if SQL injection is possible, what is the first character that the tester should use to attempt breaking a valid SQL request?
Options
- ASemicolon
- BSingle quote
- CExclamation mark
- DDouble quote
How the community answered
(43 responses)- A5% (2)
- B86% (37)
- C7% (3)
- D2% (1)
Why each option
In SQL injection testing, the single quote is the canonical first character used to probe whether user input is being sanitized and passed directly into a SQL query.
A semicolon is used in SQL injection to chain additional statements, but it is not the first character used to test for vulnerability - it presupposes injection is already possible.
A single quote (') is used to attempt to break out of the string context in a SQL statement, which can cause a syntax error or expose underlying query structure if the input is not properly sanitized. If the application returns a database error after submitting a single quote, it confirms that raw input is being interpolated into the SQL query. This is the standard first probe in manual SQL injection testing because it directly tests string delimiter handling.
An exclamation mark has no special meaning in standard SQL syntax and would not break a query or reveal injection points.
A double quote may be valid in some database dialects but is not the universally recognized first probe character for SQL injection testing.
Concept tested: SQL injection initial probe character identification
Source: https://owasp.org/www-community/attacks/SQL_Injection
Topics
Community Discussion
No community discussion yet for this question.