Thursday, August 20, 2015

Why do we use ?id=-1 when performing a SQL injection attack?

SQL injection is an attack in which we obtain credentials directly from the database without having root privileges.

I assume you already know how to perform a SQL injection attack; if anything is unclear, read my next blog post on how to perform SQL injection attacks.

So the question was: why do we use ?id=-1 rather than ?id=1 to obtain the credentials?

The reason is to go beyond the desc_length. Every id is allotted to a unique developer page. When we put -- at the end, only the command up to that point, i.e. the one for ?id=1, is executed and the rest is ignored as a comment. So that command runs and shows us the developer page allotted to that specific id.

So to get the credentials we first have to go outside this desc_length, which runs from 0 up to some number. That is why we use a number less than 0, i.e. ?id=-1; it could be any number below zero, or any value beyond the desc_length, such as letters or 10000000000000.
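To make the point concrete from the defender's side, here is an added example (my own code, not from this post) using Python's built-in sqlite3 module. It builds a constructed table of developer pages, shows a lookup that pastes the raw ?id= value into the SQL text, and then the hardened version that validates the id as an integer and binds it as a parameter. The table contents, the column names and the assumption that the page renders only the first row of the result are all my own choices for the demonstration; the post does not specify them.

```python
import sqlite3

# Constructed demo table of developer pages, one row per id (assumption:
# the page renders only the first row the query returns, as the post describes).
DEVELOPERS = [
    (1, "alice", "backend developer page"),
    (2, "bob", "frontend developer page"),
]


def make_db():
    """Build an in-memory SQLite database holding the constructed rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE developers (id INTEGER PRIMARY KEY, name TEXT, bio TEXT)"
    )
    conn.executemany("INSERT INTO developers VALUES (?, ?, ?)", DEVELOPERS)
    return conn


def query_vulnerable(conn, raw_id):
    """Vulnerable lookup: the raw ?id= value is pasted into the SQL text."""
    sql = "SELECT name, bio FROM developers WHERE id = " + raw_id
    return conn.execute(sql).fetchall()


def render_vulnerable(conn, raw_id):
    """What the page shows: only the first row of the result, or None."""
    rows = query_vulnerable(conn, raw_id)
    return rows[0] if rows else None


def render_safe(conn, raw_id):
    """Hardened lookup: validate the id as an integer, then bind it as a
    parameter so the driver never treats the input as SQL."""
    try:
        id_value = int(raw_id)
    except ValueError:
        return None  # anything that is not an integer id is rejected outright
    return conn.execute(
        "SELECT name, bio FROM developers WHERE id = ?", (id_value,)
    ).fetchone()


if __name__ == "__main__":
    db = make_db()
    # Constructed marker rows so the effect is visible without touching real data.
    union = " UNION SELECT 'injected', 'row' -- "
    print(render_vulnerable(db, "1"))           # ('alice', 'backend developer page')
    print(render_vulnerable(db, "-1"))          # None: no developer has id -1
    # With id=1 the real developer row is still part of the result, so the
    # page looks normal and the extra row is easy to miss.
    print(query_vulnerable(db, "1" + union))
    # With id=-1 the base query matches nothing, so the first (and only) row
    # the page renders is the injected one. This is the whole reason for -1.
    print(render_vulnerable(db, "-1" + union))  # ('injected', 'row')
    # The parameterised version binds the same string as data: no row, no SQL.
    print(render_safe(db, "-1" + union))        # None
```

The thing to notice is that nothing about the fix depends on guessing "bad" ids: render_safe refuses any value that is not an integer before a query is built, and even a well-formed integer is passed as a bound parameter rather than concatenated, so the id range (the post's desc_length) is no longer something an attacker can step outside of.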
