Lab 3: SQL Injection
Due Wednesday, March 7, at 9:00 AM
Now that you've had adaquate time to forget Tuesday's demonstration of SQL injection attacks, repeat the same technique against the website located at the SecureCorp website. The website is unchanged from class, execpt for removal of the "debug" page, and removal of the SQL injection attack prevention measures added in class. Using this webpage (and not other methods, such as logging into Isoptera and using mysql directly), determine the following:
<-- RE-use: not clear at all what visitors table is -->
Do your attack from the outside (that is, from a web browser, not inside isoptera).
- How is the user "Stuart" described?
- What two animals are referenced in the "visitors" table?