GIAC Penetration Tester (GPEN) — Question 53

While performing a code audit, you discover a SQL injection vulnerability assuming the following vulnerable query, what user input could be injected to make the query true and return data? select * from widgets where name = '[user-input]';

Answer options

• A. 'or 1=1
• B. ‘or l=l…
• C. 'or 1=1--
• D. ‘or l=1’

Correct answer: D

Explanation

The correct input, ‘or l=1’, will manipulate the SQL query to always return true, thereby exposing the data. Other options like 'or 1=1 and 'or 1=1--' are effective as well but do not match the required format in the context of this question. The option ‘or l=l…’ is incorrect due to a syntax error and incomplete statement.