
Imagine the following situation:

I know (I can see) in the code that before querying the DB using an input field parameter, there is a function which escapes all chars. Pseudo code:

escape_all_chars(input_field_variable)

Is there any point in testing multiple SQL queries in the input field rather than the simplest one?

I mean, is it possible to have a complex SQL injection query that can somehow pass the escape_all_chars prevention?

Note: By complex SQL query I am not talking about complex in the way of a many-character-long query, like writing 100k symbols. I am talking about an SQL query with complex logic in it.

  • sql="SELECT * FROM users WHERE id="+escape_all_chars(input_field_variable); - here you are, a terribly complex SQL injection. Commented Mar 10, 2017 at 9:48
  • The problem with "escaping" is that people do not understand what it's for and confuse it with something else. Commented Mar 10, 2017 at 9:49
  • @YourCommonSense I got what you meant. You are right, I have the wrong understanding. Thanks :) Commented Mar 10, 2017 at 12:02
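
The point made in the comments, as an added example that is not part of the original question or comments: escaping only protects a value placed inside a quoted string literal, so the unquoted `id=` query from the first comment stays injectable while a bound, validated parameter does not. Assumptions: `escape_all_chars` is modelled as SQL quote doubling (the page does not say what it does), and the table, its rows, the sample inputs and the `lookup_*` helper names are constructed for illustration.

```python
import sqlite3

def escape_all_chars(value: str) -> str:
    # Assumption: stand-in for the question's function, modelled as quote doubling.
    return value.replace("'", "''")

def make_db() -> sqlite3.Connection:
    # Constructed sample data, held in memory only.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)",
                     [(1, "alice"), (2, "bob"), (3, "carol")])
    return conn

def names(conn, sql, params=()):
    return [row[0] for row in conn.execute(sql, params)]

def lookup_by_name_concat(conn, user_input):
    # Quoted context: the escaped value cannot close the string literal.
    sql = ("SELECT name FROM users WHERE name='"
           + escape_all_chars(user_input) + "' ORDER BY id")
    return names(conn, sql)

def lookup_by_id_concat(conn, user_input):
    # Unquoted numeric context, as in the first comment: there is no quote
    # to break out of, so escaping leaves the input's SQL syntax intact.
    sql = ("SELECT name FROM users WHERE id="
           + escape_all_chars(user_input) + " ORDER BY id")
    return names(conn, sql)

def lookup_by_id_bound(conn, user_input):
    # Hardened form: validate the type, then bind the value as data.
    user_id = int(user_input)  # raises ValueError for non-numeric input
    return names(conn, "SELECT name FROM users WHERE id = ? ORDER BY id",
                 (user_id,))

if __name__ == "__main__":
    conn = make_db()
    for value in ("2", "2 OR 1=1"):  # constructed inputs
        print(repr(value), "concat ->", lookup_by_id_concat(conn, value))
        try:
            print(repr(value), "bound  ->", lookup_by_id_bound(conn, value))
        except ValueError:
            print(repr(value), "bound  -> rejected")
    print("quoted ->", lookup_by_name_concat(conn, "x' OR '1'='1"))
```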
