nerdexam
EC-Council

312-50V10 · Question #330

A security administrator notices that the log file of the company's webserver contains suspicious entries: Based on source code analysis, the analyst concludes that the login.php script is vulnerable

The correct answer is B. SQL injection.. Suspicious input patterns in webserver logs for a login script indicate that an attacker is manipulating SQL queries through user-supplied fields.

SQL Injection

Question

A security administrator notices that the log file of the company's webserver contains suspicious entries:

Based on source code analysis, the analyst concludes that the login.php script is vulnerable to

Exhibit

312-50V10 question #330 exhibit

Options

  • Acommand injection.
  • BSQL injection.
  • Cdirectory traversal.
  • DLDAP injection.

How the community answered

(28 responses)
  • A
    4% (1)
  • B
    75% (21)
  • C
    14% (4)
  • D
    7% (2)

Why each option

Suspicious input patterns in webserver logs for a login script indicate that an attacker is manipulating SQL queries through user-supplied fields.

Acommand injection.

Command injection involves appending OS-level shell commands to application inputs that get executed by the server - it targets the operating system, not the SQL database layer.

BSQL injection.Correct

SQL injection attacks against login scripts work by inserting malicious SQL syntax (such as `' OR '1'='1`) into credential fields, causing the application to construct a query that bypasses authentication or exposes data. Login forms are a primary target because they commonly build SQL queries directly from username and password inputs without proper parameterization. The log entries referencing login.php with anomalous input patterns are the diagnostic signature of this attack type.

Cdirectory traversal.

Directory traversal uses path-manipulation sequences such as `../` to navigate the file system and access unauthorized files - it is unrelated to database query manipulation.

DLDAP injection.

LDAP injection targets LDAP directory service queries, not SQL-based relational database backends such as the MSSQL environment implied by the ASP/PHP login script context.

Concept tested: SQL injection vulnerability in web application login scripts

Source: https://owasp.org/www-community/attacks/SQL_Injection

Topics

#SQL injection#login form#web application#database attack

Community Discussion

No community discussion yet for this question.

Full 312-50V10 Practice