312-50V10 · Question #330
A security administrator notices that the log file of the company's webserver contains suspicious entries: Based on source code analysis, the analyst concludes that the login.php script is vulnerable
The correct answer is B. SQL injection.. Suspicious input patterns in webserver logs for a login script indicate that an attacker is manipulating SQL queries through user-supplied fields.
Question
A security administrator notices that the log file of the company's webserver contains suspicious entries:
Based on source code analysis, the analyst concludes that the login.php script is vulnerable to
Exhibit
Options
- Acommand injection.
- BSQL injection.
- Cdirectory traversal.
- DLDAP injection.
How the community answered
(28 responses)- A4% (1)
- B75% (21)
- C14% (4)
- D7% (2)
Why each option
Suspicious input patterns in webserver logs for a login script indicate that an attacker is manipulating SQL queries through user-supplied fields.
Command injection involves appending OS-level shell commands to application inputs that get executed by the server - it targets the operating system, not the SQL database layer.
SQL injection attacks against login scripts work by inserting malicious SQL syntax (such as `' OR '1'='1`) into credential fields, causing the application to construct a query that bypasses authentication or exposes data. Login forms are a primary target because they commonly build SQL queries directly from username and password inputs without proper parameterization. The log entries referencing login.php with anomalous input patterns are the diagnostic signature of this attack type.
Directory traversal uses path-manipulation sequences such as `../` to navigate the file system and access unauthorized files - it is unrelated to database query manipulation.
LDAP injection targets LDAP directory service queries, not SQL-based relational database backends such as the MSSQL environment implied by the ASP/PHP login script context.
Concept tested: SQL injection vulnerability in web application login scripts
Source: https://owasp.org/www-community/attacks/SQL_Injection
Topics
Community Discussion
No community discussion yet for this question.
