Databases Reference
In-Depth Information
Figure 8-16.
Running your report
To perform the SQL injection attack, follow these steps:
1.
Specify the text shown in Listing 8-8 in the search field, and click the Go
button.
Listing 8-8.
Conducting the SQL Injection Attack
' OR 1=1--
2.
You should now see every single customer retrieved from the table, as shown
in Figure 8-17.
