
I am trying to drop a table within a database using SQL injection through PHP.

The PHP code submits a form to the database with the following command and multi_query($sql):

$sql = "INSERT INTO Student (StdNumber, FName, LName, DOB, PhoneNumber) 
VALUES ('$input1', '$input2', '$input3', '$input4', '$input5')";

So I thought I could SQL-inject input5. So I use:

');"; $sql .= "DROP TABLE IF EXISTS Student;";-- -

This closes the previous SQL statement, then I start another statement with 'sql .=', and then I comment off the rest of it with -- -

However, the table isn't dropping. I am not seeing my injection command within input5 (PhoneNumber) in the database, so I would believe it is successfully closing the previous statement.

So I am not sure what is wrong: am I using multi_query incorrectly, or is my injection incorrect?

Thank you

Edit 1: Additionally, when I submit the form it accepts it and makes another entry into the database.

2 Comments
  • Needs to be like: $sql = "INSERT INTO Student (StdNumber, FName, LName, DOB, PhoneNumber) VALUES ('$input1', '$input2', '$input3', '$input4', '$input5')"; $sql .= "DROP TABLE IF EXISTS Student;"; and then use multi_query. Commented Sep 25, 2017 at 7:26
  • Isn't that what I am doing now Alive to Die? Commented Sep 25, 2017 at 7:29

1 Answer


You are trying to manipulate the SQL that is generated by the PHP, not the PHP itself.

So you should not add php to your 5th input:

');"; $sql .= "DROP TABLE IF EXISTS Student;";-- -

should be something like:

1234567890'); DROP TABLE IF EXISTS Student; -- the rest here will be comments in sql

5 Comments

Thank you! So I get SQL like: INSERT INTO Student (StdNumber, FName, LName, DOB, PhoneNumber) VALUES ('', '', '', '', ''); DROP TABLE IF EXISTS Student; --')
@Bartholomas Exactly, I just added a phone number and some comments to illustrate.
But it still won't drop the table in the database. Would this probably be something to do with multi_query($sql)?
@Bartholomasn You should do a var_dump($sql) to make sure it is what you think it is. And try to run that for example from the mysql command line or phpMyAdmin. If that works, the problem is in the multi-query code you haven't posted.
Ahh yes you were correct. I receive an error saying: #1217 - Cannot delete or update a parent row: a foreign key constraint fails
