SQL Injection INSERT ON DUPLICATE KEY trick

Lightning talk I gave at SEC-T spring pub 2016, talking about how to use the "ON DUPLICATE KEY UPDATE" syntax to not only extract but also modify/add information in the database.

The example I brought up was a site that had an SQL Injection in the register page, which could be used to change the admin password without having to crack it.


  1. • Login • Register • View article • Admin • Bcrypt, so couldn't get into admin panel :((
  2. Hm!
  3. +
  4. Password of user 'admin' is now the same as password of user 'attacker'!
  5. SQL Injection in INSERT is sometimes worse than SQL injection in SELECT. Lightning talk by @avlidienbrunn (Mathias Karlsson)
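
A hardened registration INSERT for MySQL, as an added example that is not from the talk or its slides. It covers the two mitigations that matter for the case described above: bound parameters, and a database account that holds no UPDATE privilege. The schema, the database name `appdb`, the account `reg_svc` and all values are assumptions made for illustration.

```sql
-- Constructed schema; table and column names are assumptions.
CREATE TABLE users (
    id            INT UNSIGNED AUTO_INCREMENT PRIMARY KEY,
    username      VARCHAR(64) NOT NULL,
    password_hash CHAR(60)    NOT NULL,      -- bcrypt output is 60 characters
    UNIQUE KEY uq_username (username)        -- the key a duplicate would collide on
);

-- 1. Bind user input as parameters. The statement text is fixed at PREPARE
--    time, so input that contains "ON DUPLICATE KEY UPDATE ..." is stored as
--    a literal string in the bound column and never parsed as a clause.
PREPARE register_user FROM
    'INSERT INTO users (username, password_hash) VALUES (?, ?)';

SET @username      = 'alice';                                     -- constructed value
SET @password_hash = '<bcrypt hash computed by the application>'; -- placeholder

EXECUTE register_user USING @username, @password_hash;
DEALLOCATE PREPARE register_user;

-- A second registration with an existing username now fails with a
-- duplicate-key error on uq_username. The application should report
-- "username taken" and must not fall back to an upsert.

-- 2. Least privilege for the account the registration endpoint connects as.
--    MySQL requires the UPDATE privilege on the affected columns before
--    ON DUPLICATE KEY UPDATE may modify an existing row, so an INSERT-only
--    account cannot overwrite another user's password_hash even if an
--    injection flaw is introduced later.
CREATE USER 'reg_svc'@'localhost' IDENTIFIED BY '<placeholder-secret>';
GRANT INSERT ON appdb.users TO 'reg_svc'@'localhost';

-- Check: the output should list INSERT on appdb.users and nothing broader.
SHOW GRANTS FOR 'reg_svc'@'localhost';
```

Password changes and admin functions then run under a separate account that does hold UPDATE, so a flaw in the public registration path stays limited to adding new rows.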
