Added buffer overflow example

author: Marcin Zelent <zelent.marcin@gmail.com> 2018-05-30 18:27:51 +0200
committer: Marcin Zelent <zelent.marcin@gmail.com> 2018-05-30 18:27:51 +0200
commit: ee0bd3f7716546f679bd390d7b681fedf949b2fb (patch)
tree: a8b21d9c4707521dcf161bbdc7a20f622700c6f2 /examples/sql-injection/login.php
parent: 7b2e079f4ef3cd3f16c6c5ca30fc3e97fd982b28 (diff)
1 files changed, 23 insertions, 0 deletions
diff --git a/examples/sql-injection/login.php b/examples/sql-injection/login.php
new file mode 100644
index 0000000..826c38c
--- /dev/null
+++ b/examples/sql-injection/login.php
@@ -0,0 +1,23 @@
+<?php
+   class MyDB extends SQLite3 {
+      function __construct() {
+         $this->open('users.db');
+      }
+   }
+
+   if(isset($_POST['email'], $_POST['pass']))
+   {
+	$email = $_POST['email'];
+	$pass = $_POST['pass'];
+
+	$db = new MyDB();
+
+	$sql = 'SELECT * FROM Users WHERE email=\''.$email.'\' AND password=\''.$pass.'\'';
+
+	$ret = $db->query($sql);
+	while($row = $ret->fetchArray(SQLITE3_ASSOC)) {
+		echo 'Logged in as '.$row['email'].'<br>';
+	}
+	$db->close();
+   }
+?>
author	Marcin Zelent <zelent.marcin@gmail.com>	2018-05-30 18:27:51 +0200
committer	Marcin Zelent <zelent.marcin@gmail.com>	2018-05-30 18:27:51 +0200
commit	ee0bd3f7716546f679bd390d7b681fedf949b2fb (patch)
tree	a8b21d9c4707521dcf161bbdc7a20f622700c6f2 /examples/sql-injection/login.php
parent	7b2e079f4ef3cd3f16c6c5ca30fc3e97fd982b28 (diff)