nerdexam
EC-Council

312-50V9 · Question #89

A tester has been hired to do a web application security test. The tester notices that the site is dynamic and must make use of a back end database. In order for the tester to see if SQL injection is

The correct answer is B. Single quote. The single quote character is the standard first input used to probe for SQL injection because it prematurely terminates a string literal in a SQL query and causes a syntax error if the input is not sanitized.

SQL Injection

Question

A tester has been hired to do a web application security test. The tester notices that the site is dynamic and must make use of a back end database. In order for the tester to see if SQL injection is possible, what is the first character that the tester should use to attempt breaking a valid SQL request?

Options

  • ASemicolon
  • BSingle quote
  • CExclamation mark
  • DDouble quote

How the community answered

(32 responses)
  • A
    3% (1)
  • B
    94% (30)
  • C
    3% (1)

Why each option

The single quote character is the standard first input used to probe for SQL injection because it prematurely terminates a string literal in a SQL query and causes a syntax error if the input is not sanitized.

ASemicolon

A semicolon terminates a SQL statement and is used to stack queries in certain databases, but it is not the primary first character used to detect whether injection is possible.

BSingle quoteCorrect

In SQL, string values are delimited by single quotes. Injecting a single quote into user-supplied input causes the database engine to interpret the character as the end of the string literal, breaking the intended query syntax. The resulting database error or unexpected behavior confirms that the application is passing unsanitized input directly to the SQL engine, indicating a SQL injection vulnerability.

CExclamation mark

An exclamation mark has no special meaning in standard SQL syntax and would not cause a syntax error that reveals injection susceptibility.

DDouble quote

A double quote is a string delimiter in some databases such as PostgreSQL when ANSI quoting is enabled, but the single quote is the universal and first-choice character for initial SQL injection testing.

Concept tested: SQL injection initial probing with single quote

Source: https://owasp.org/www-community/attacks/SQL_Injection

Topics

#SQL injection#single quote#injection testing#input validation

Community Discussion

No community discussion yet for this question.

Full 312-50V9 Practice