Click here to Skip to main content
Rate this: bad
good
Please Sign up or sign in to vote.
See more: All-Topics
What is URL injection and how does it work? I'm bit confused between SQL Injection and URL Injection.
Posted 22-Mar-13 19:45pm
Rate this: bad
good
Please Sign up or sign in to vote.

Solution 1

SQL Injection's are URL based only. Issues are induced into database via URL because of bad way query is formed.
Read: SQL Injection[^]
  Permalink  
Comments
Maciej Los at 24-Mar-13 12:35pm
   
Short and to the point!
+5!
Sandeep Mewara at 24-Mar-13 12:59pm
   
Thanks Maciej. :)
Rate this: bad
good
Please Sign up or sign in to vote.

Solution 2

In the "Weird and Wonderful" we had our fun with the Alcatraz travel website. Their server is still open for injecting SQL via URLs. See Alcatraz ~ the tourist website[^]
See the messages in that thread for more hints on how it works - you can still test your skills.
  Permalink  

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

  Print Answers RSS
0 CPallini 375
1 Sergey Alexandrovich Kryukov 370
2 BillWoodruff 314
3 George Jonsson 279
4 OriginalGriff 257
0 OriginalGriff 5,030
1 CPallini 4,115
2 Sergey Alexandrovich Kryukov 3,554
3 George Jonsson 2,826
4 Gihan Liyanage 2,386


Advertise | Privacy | Mobile
Web02 | 2.8.140916.1 | Last Updated 25 Mar 2013
Copyright © CodeProject, 1999-2014
All Rights Reserved. Terms of Service
Layout: fixed | fluid

CodeProject, 503-250 Ferrand Drive Toronto Ontario, M3C 3G8 Canada +1 416-849-8900 x 100