



' OR '1'='1'

#

' OR '1'='1'

Always remember to use Kali for helpful purposes and not use it to cause harm.

Stay Safe.



Follow us on Facebook:- Facebook.com/VAPTHacker

SQL is a database language which is designed for storing, retrieving and manipulating data stored in a database.If a SQL database is directly connected to the website, it can be manipulated to steal and modify the database. This happens after a user is able to inject a code in SQL server doing whatever he wants to do with the database. In a way, he gets the full control of it.1)To understand SQL injection, we must understand SQL queries.2) Say while logging a user 'Rohan' with password 'pass123', a sql query is sent asSELECT from users WHERE user='Rohan' and password='pass123';3)What if the query was SELECT from users WHERE user='Rohan' or '1'='1';4)The first user would be logged in.5) We can do the same here, for example.6) On entering,we get logged in as Jake, since he is the first user in the database.7) Queries can further be manipulated to steal the database.8) Example on enteringwould give the 1-5th row if it exists in the database