GIAC Certified Incident Handler (GCIH) — Question 198
A web application receives the following input from a malicious request. What is the attacker attempting to do?
select accountbalance from user where name = jake' OR 'z'='z';
Answer options
- A. Download database records for a specific application user
- B. Combine two input requests into a single query
- C. Obtain database records for every application user
- D. Add a new user account to the application database
Correct answer: C
Explanation
The correct answer is C because the injected `' OR 'z'='z'` clause makes the WHERE condition true for every row: the tautology `'z'='z'` is always satisfied, so the query no longer filters on the user name and returns the account balance of every user. Option A is incorrect because the injection is not limited to a specific user, and B does not accurately describe the intent behind the injection (no second query is appended). Option D is wrong because the input does not involve creating a user account.