SQL Injection INSERT ON DUPLICATE KEY trick

315 views

Published on

Lightning talk I gave at SEC-T spring pub 2016, talking about how to use the "ON DUPLICATE KEY UPDATE" syntax to not only extract but also modify/add information in the database.

The example I brought up was a site that had an SQL Injection in the register page, which could be used to change the admin password without having to crack it.

Published in: Technology
0 Comments
2 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
315
On SlideShare
0
From Embeds
0
Number of Embeds
15
Actions
Shares
0
Downloads
9
Comments
0
Likes
2
Embeds 0
No embeds

No notes for slide

SQL Injection INSERT ON DUPLICATE KEY trick

  1. 1. • Login • Register • View article • Admin • Bcrypt, so couldn't get into admin panel :((
  2. 2. Hm!
  3. 3. +
  4. 4. Password of user 'admin' is now the same as password of user 'attacker'!
  5. 5. SQL Injection in INSERT is sometimes worse than SQL injection in SELECT Lightning talk by @avlidienbrunn (Mathias Karlsson)

×