php


Unable to execute 2 MySQL queries separated by semicolon


I am trying a simple SQL Injection example which is already working correctly. The goal is to add SQL code to a login page that asks for EmployeeID and Password. In this example I am supposed to know the following information:
* There is a user called Admin
* There is a table field called Name
With this data at hand, the code below did the trick. A space is included after the second dash in order to be interpreted as a comment so the rest of the query is ignored. Basically, the password information is not necessary.
' or Name = 'Admin'; --
So far, so good. Now, I have to include a second SQL statement and I am told that I can use a semicolon as a separator for multiple SQL statements. So I did the following:
' or Name = 'Admin'; SELECT id FROM credential; --
But it does not work. I get a message saying that there is an error in the SQL syntax. I thought that maybe there is no support for multiple queries in one line but I tested using MySQL console and I could successfully issue 2 select statements separated by a semicolon. Below, I show the query (displayed intentionally by an echo statement) and the error that appears on screen.
I will very much appreciate your feedback to help me discover and fix my issue.
SELECT id, name, eid, salary, birth, ssn, phoneNumber, address, email,nickname,Password FROM credential WHERE eid= '' or Name = 'Admin'; SELECT id FROM credential; -- ' and Password='da39a3ee5e6b4b0d3255bfef95601890afd80709'
There was an error running the query [You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'SELECT id FROM credential; -- ' and Password='da39a3ee5e6b4b0d3255bfef95601890af' at line 3]\n

Related Links

When try to reindexing in magento2 by ubuntu terminal I am getting this(Access denied for user 'root'#'localhost'(using password: NO)) error
Datatables and slow Ajax sourced data
Laravel Yajra datatables headers label not working
Zend Framework 2 Checkbox setValue for unchecked not work
how to define an access for a member of telegram bot?
Adding product using WooCommerce Rest Api - Stock issue
checking urls against tables in the database
PHP Warning: Module 'ssh2' already loaded in Unknown on line 0
grocery crud change default theme
Laravel - How to update field value in sqlite
PHP - While loop for database doesn't work?
PHP Pagination Displays in Wrong Order After Certain Page
pg_connect - php script works from command line but not from web page
EL Capitan, MAMP 3.5, Apache not working, dyld: Symbol not found: _OCIInitialize
PHP Lint Mode Doesn't Catch Incompatible Declaration Errors
keeping form values after POST as a paramter of python file

Categories

HOME
rust
matrix
paypal-ipn
bots
hid
ipv6
linker
haxe
wagtail
spring-security-oauth2
yeoman-generator-angular
match
nexus3
documentum
mailmerge
grocery-crud
mpu6050
spring-jpa
trace32
playframework-2.0
bluemix-mobile-services
android-permissions
sqlplus
coreldraw
intel
pyopencl
window-managers
sap-lumira
cube
source-insight
winsock
om-next
adminer
buildforge
subclassing
android-alarms
cloudera-quickstart-vm
variable-variables
text-decorations
tidal-scheduler
iscroll
export-to-pdf
netapp
viewcontroller
1wire
haar-classifier
winston
android-webservice
mura
scala-collections
gnome-terminal
http-basic-authentication
mobile-angular-ui
bpms
rational-performance-test
callouts
spring-mongo
bbc-micro
unsigned
swiffy
persistent-object-store
flipclock
trust
ioexception
godeps
in-app-billing
nastran
asp.net-web-api-helppages
android-studio-import
embeddedwebserver
bootstrap-wysiwyg
flow-js
web-api
jolie
string.format
window-resize
tabris
object-code
loginview
treeline
meteor-collections
hotswap
indesign-server
xs
flv
spiral
chefspec
reentrancy
xalan
struts2-json-plugin
thejit
pageheap
monocross
uipangesturerecognizer
hardcode
wcf-callbacks
wiktionary
mmc3
office-automation
database-deadlocks
digiflow
hungarian-notation
fgetc
dm
sqlsitemapprovider
jboss-mdb
suggestbox

Resources

Mobile Apps Dev
Database Users
javascript
java
csharp
php
android
MS Developer
developer works
python
ios
c
html
jquery
RDBMS discuss
Cloud Virtualization
Database Dev&Adm
javascript
java
csharp
php
python
android
jquery
ruby
ios
html
Mobile App
Mobile App
Mobile App