Possibly Related Threads…

zinzeur · Oct 03, 2023, 10:37 PM

Is it possible to do sQl injection against website using prepared statement for querying the database ? thanks for your help

XxG1izzi3Guzzl3RxX · Oct 03, 2023, 10:39 PM

its literally called sql INJECTION
just INJECT the " ' " symbol into the query to see if the db is vulnerable

YesMyDark · Oct 03, 2023, 10:41 PM

https://overflow.datura.network/question...-injection

zinzeur · (This post was last modified: Oct 03, 2023, 10:44 PM by zinzeur.)

(Oct 03, 2023, 10:39 PM)XxG1izzi3Guzzl3RxX Wrote: its literally called sql INJECTION
just INJECT the " ' " symbol into the query to see if the db is vulnerable

thanks but prepared statements are the way to guard against sql injections so it would be useless trying classic injection payloads, what I'm looking is if there are edge cases where injection is possible with some clever way

(Oct 03, 2023, 10:41 PM)Kurumi Wrote: https://overflow.datura.network/question...-injection

thanks a lot , best regards

joepa · Oct 04, 2023, 11:37 AM

No, unless there's in bug in the prepared statments code.

Possibly Related Threads…
Thread		Author	Replies	Views	Last Post
	[2026] Bypass AV / EDR	Spearr	63	1,139	5 hours ago Last Post: AKASHIC
	Unlimited Free Cloud	who	105	7,842	5 hours ago Last Post: AKASHIC
	Bypassing Modern AV (Metasploit Method)	godco99	9	500	5 hours ago Last Post: AKASHIC
	0day-Mari Bot	Godfather1	76	7,056	7 hours ago Last Post: akira2k
	[FREE] Database Searcher Telegram	odanbtw	1,021	87,137	Yesterday, 10:08 AM Last Post: hexaagent00