GIAC Certified Incident Handler (GCIH) — Question 95

An attacker is launching an attack against an input field in a form that is used to retrieve restricted information that is filtered dependent upon the privileges of the logged in user. This attacker inserts "' or 1=1;--" into this field. What is most likely the attacker's desired result from this insertion?

Answer options

• A. This forces a bypass on the back-end authentication mechanism, allowing total access to the entire database
• B. This forces a TRUE condition and may cause the SQL server to return all of the information in the selected field(s)
• C. This forces a UNION condition and may cause the SQL server to return a list of all columns in the database
• D. This forces an INSERT condition and will dump all rows in the table to the users screen

Correct answer: D

Explanation

The correct answer is D, as the injected SQL code attempts to force an INSERT operation that could result in all rows being dumped to the user's screen. Option A is incorrect because it does not involve bypassing authentication directly. Option B misinterprets the intent, as it describes a condition but does not align with the action being performed. Option C is also incorrect because a UNION condition is not being forced by this specific input.