Computer Hacking Forensic Investigator (CHFI v10) — Question 425
A cybersecurity forensic investigator analyzes log files to investigate an SQL Injection attack. While going through the Apache access.log, they come across a GET request from the IP 10.0.0.19 containing an encoded query string:
GET /sqli/examplel.php?name=root' UniON SeLeCT 1,table_name,3,4,5 From information_schema.tables where Table_Schema=DatabasE() limit 1,2---
What is the intention behind the attacker’s query?
Answer options
- A. To erase the data in the specific tables of the database
- B. To retrieve the names of the tables in the database
- C. To bypass the website's authentication mechanism and view all user details
- D. To manipulate the order of the columns in the database
Correct answer: B
Explanation
The attacker aims to retrieve the names of the tables in the database: the injected UNION SELECT reads table_name from information_schema.tables, restricted to the current database by Table_Schema=DatabasE(). Options A, C, and D are incorrect because the query does not involve deleting data, bypassing authentication, or manipulating column order.