Certified Ethical Hacker (CEH v12) — Question 137

You're the security manager for a tech company that uses a database to store sensitive customer data. You have implemented countermeasures against SQL injection attacks. Recently, you noticed some suspicious activities and suspect an attacker is using SQL injection techniques. The attacker is believed to use different forms of payloads in his SQL queries. In the case of a successful SQL injection attack, which of the following payloads would have the most significant impact?

Answer options

• A. UNION SELECT NULL, NULL, NULL -- : This payload manipulates the UNION SQL operator, enabling the attacker to retrieve data from different database tables
• B. ' OR username LIKE '%': This payload uses the LIKE operator to search for a specific pattern in a column
• C. ' OR '1'='l: This payload manipulates the WHERE clause of an SQL statement, allowing the attacker to view unauthorized data
• D. ' OR 'a'='a; DROP TABLE members; --: This payload combines the manipulation of the WHERE clause with a destructive action, causing data loss

Correct answer: D

Explanation

The correct answer is D because this payload not only bypasses authentication but also executes a destructive SQL command to drop a table, leading to significant data loss. Options A, B, and C are less impactful as they either retrieve data or manipulate queries without causing destruction to the database structure.