Certified Ethical Hacker v11 312-50v11 – Question184

Suppose that you test an application for the SQL injection vulnerability. You know that the backend database is based on Microsoft SQL Server. In the login/password form, you enter the following credentials:

Username: attack' or 1=1 –
Password: 123456

Based on the above credentials, which of the following SQL commands are you expecting to be executed by the server, if there is indeed an SQL injection vulnerability?

A.
select * from Users where UserName = `attack' ' or 1=1 — and UserPassword = `123456'
B. select * from Users where UserName = `attack' or 1=1 — and UserPassword = `123456'
C. select * from Users where UserName = `attack or 1=1 — and UserPassword = `123456'
D. select * from Users where UserName = `attack' or 1=1 –' and UserPassword = `123456'

Correct Answer: A