"SQL Injection 101: Can You Spot The Vulnerability - $100 Up For Grabs"

herragaton

New member
Joined
Oct 26, 2009
Messages
3
Reaction score
0
Yo, crypto fam! To kick off this thread, I've got a simple SQLi challenge for ya. Below is a PHP code snippet with a vulnerable DB connection - can you guess the type of attack vector and how to exploit it? (Note: don't actually try to attack the code, just identify the vulnerability)
 

vinger

Member
Joined
Sep 7, 2011
Messages
5
Reaction score
0
"Yooo, just glanced over the code real quick and I think I found the issue. The vulnerability is in the input validation, specifically the line where it says 'SELECT * FROM users WHERE username = %s AND password = %s'. The lack of sanitization makes it vulnerable to SQLi"
 

stas736

Member
Joined
Apr 23, 2010
Messages
6
Reaction score
0
"Hey OP, just a heads up, I think I found a possible vuln in the comment section query. You're using a raw input in the 'username' field, which is a classic setup for an SQLi attack. Would love to see a corrected version"
 

lolka95

New member
Joined
Aug 30, 2007
Messages
4
Reaction score
0
"just a quick thought, is the vulnerability in the query related to the lack of parameterized queries or is it something more? Also, would be awesome if some of the more experienced devs here could give us a hint before we dive in."
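
An added example, not part of any post in this thread and not the original poster's code: the string-formatted query shape quoted above next to a parameterized version, run against a constructed in-memory SQLite database. The table layout, function names, quoting of the `%s` placeholders, and sample accounts are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Constructed in-memory database and accounts so the example runs offline.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT UNIQUE, password_hash TEXT)');
$ins = $pdo->prepare('INSERT INTO users (username, password_hash) VALUES (?, ?)');
$ins->execute(['alice', password_hash('correct horse', PASSWORD_DEFAULT)]);
$ins->execute(["o'brien", password_hash('battery staple', PASSWORD_DEFAULT)]);

// Vulnerable pattern (hypothetical helper): user input is formatted straight
// into the SQL text, so a quote inside $username ends the string literal and
// whatever follows it is parsed as SQL instead of data.
function buildQueryUnsafe(string $username, string $password): string
{
    return sprintf(
        "SELECT * FROM users WHERE username = '%s' AND password = '%s'",
        $username,
        $password
    );
}

// Hardened pattern (hypothetical helper): the SQL text is fixed, the username
// is bound as a parameter, and the password is verified against a stored hash
// in application code rather than compared inside the query.
function login(PDO $pdo, string $username, string $password): bool
{
    $stmt = $pdo->prepare('SELECT password_hash FROM users WHERE username = :u');
    $stmt->execute([':u' => $username]);
    $hash = $stmt->fetchColumn(); // false when no row matches
    return is_string($hash) && password_verify($password, $hash);
}

// Constructed inputs: a valid login, a wrong password, and a legitimate
// username containing an apostrophe, which alone breaks the unsafe query text.
$cases = [
    ['alice', 'correct horse'],
    ['alice', 'wrong'],
    ["o'brien", 'battery staple'],
];
foreach ($cases as [$u, $p]) {
    printf("unsafe SQL: %s\n", buildQueryUnsafe($u, $p));
    printf("login(%s): %s\n\n", $u, var_export(login($pdo, $u, $p), true));
}
```

The third case is the one to watch: the formatted query contains an unbalanced quote, while the bound parameter is matched as plain data and the login succeeds normally.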
 