ExamTopics Logo
Mail Us[email protected]
Menu
Eccouncil Discussions
exam questions

Exam 312-50v13 All Questions

View all questions & answers for the 312-50v13 exam
Go to Exam

Exam 312-50v13 topic 1 question 38 discussion

Actual exam question from ECCouncil's 312-50v13
Question #: 38
Topic #: 1
[All 312-50v13 Questions]

Suppose that you test an application for the SQL injection vulnerability. You know that the backend database is based on Microsoft SQL Server. In the login/password form, you enter the following credentials:

Based on the above credentials, which of the following SQL commands are you expecting to be executed by the server, if there is indeed an SQL injection vulnerability?

  • A. select * from Users where UserName = ‘attack’ ’ or 1=1 -- and UserPassword = ‘123456’
  • B. select * from Users where UserName = ‘attack’ or 1=1 -- and UserPassword = ‘123456’
  • C. select * from Users where UserName = ‘attack or 1=1 -- and UserPassword = ‘123456’
  • D. select * from Users where UserName = ‘attack’ or 1=1 --’ and UserPassword = ‘123456’
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by tong0819 at Jan. 9, 2025, 1:47 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
MHafizC
23 hours, 8 minutes ago
Selected Answer: D
D is the answer. Refer to the book.
upvoted 1 times
...
tong0819
6 days, 13 hours ago
Selected Answer: D
Answer is D.
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago