312-50V9 · Question #89
A tester has been hired to do a web application security test. The tester notices that the site is dynamic and must make use of a back end database. In order for the tester to see if SQL injection is
The correct answer is B. Single quote. The single quote character is the standard first input used to probe for SQL injection because it prematurely terminates a string literal in a SQL query and causes a syntax error if the input is not sanitized.
Question
A tester has been hired to do a web application security test. The tester notices that the site is dynamic and must make use of a back end database. In order for the tester to see if SQL injection is possible, what is the first character that the tester should use to attempt breaking a valid SQL request?
Options
- ASemicolon
- BSingle quote
- CExclamation mark
- DDouble quote
How the community answered
(32 responses)- A3% (1)
- B94% (30)
- C3% (1)
Why each option
The single quote character is the standard first input used to probe for SQL injection because it prematurely terminates a string literal in a SQL query and causes a syntax error if the input is not sanitized.
A semicolon terminates a SQL statement and is used to stack queries in certain databases, but it is not the primary first character used to detect whether injection is possible.
In SQL, string values are delimited by single quotes. Injecting a single quote into user-supplied input causes the database engine to interpret the character as the end of the string literal, breaking the intended query syntax. The resulting database error or unexpected behavior confirms that the application is passing unsanitized input directly to the SQL engine, indicating a SQL injection vulnerability.
An exclamation mark has no special meaning in standard SQL syntax and would not cause a syntax error that reveals injection susceptibility.
A double quote is a string delimiter in some databases such as PostgreSQL when ANSI quoting is enabled, but the single quote is the universal and first-choice character for initial SQL injection testing.
Concept tested: SQL injection initial probing with single quote
Source: https://owasp.org/www-community/attacks/SQL_Injection
Topics
Community Discussion
No community discussion yet for this question.