22

Does anyone know what something like OR 1# means in the context of MySQL injection?

Improve this question
4
  • 4
    The # symbol has a few English names (number, octothorpe, hex, hash, sharp) that you can Google :) Commented Nov 29, 2010 at 3:44
  • 2
    :) thanks for helping me find completely unrelated pages! in all seriousness, I did Google for mysql pound symbol, etc, before asking and just got pages on british pounds Commented Nov 29, 2010 at 4:25
  • 5
    Ironically, this is now the top result if you search for mysql hash symbol and the second result for mysql octothorpe. Commented May 15, 2014 at 23:21
  • Top result for sharp sql, and still can't find the answer :/ edit : I've found an answer in third page : stackoverflow.com/questions/3166117/… Commented Jun 23, 2016 at 8:15

2 Answers 2

Reset to default
55

It is MySQL's version of the line comment delimiter. In standard SQL, the line comment delimiter is --.

-- This is a standard SQL comment. # This is a MySQL comment.

So in the context of SQL injection, if the attacker knows you're using MySQL he may use it to abruptly terminate the malicious SQL statement, causing MySQL to ignore whatever is behind the # and execute only the stuff that comes before it. This is only effective against single-line SQL statements, however. Here's an example:

Input:

Username: fake' OR 1#
Password: pass

Resultant SQL:

SELECT * FROM users WHERE username = 'fake' OR 1#' AND password = 'pass'

Which is executed as this, which returns every row:

SELECT * FROM users WHERE username = 'fake' OR 1
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

1

This is the start of a comment. It means that anything after that will be skipped by the parser.

Improve this answer

1 Comment

@JD: a-ha, to protect against sql-injections we need more lines in our queries (irony) ;-)

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.