Exploiting SQL injection with no space
With Exploitation scenario:
SQL Injection: A SQLi attack injects SQL into a query through user-supplied input to the application. A successful SQL injection exploit can read sensitive data from the database, modify database data (Insert/Update/Delete), and execute operations on the database.
SQLi occurs when an application uses unvalidated user input to dynamically construct a SQL query.
Example: We want to retrieve data from a library application that publishes articles.
1) The application executes a SQL query that returns public articles. The URL looks like this: https://blog.test.com/articles.php?status=public. It executes this query:
SELECT * FROM library WHERE category = 'articles' AND status = 'public'
2) The attacker tries to retrieve all articles (public and confidential), so he modifies the above SQL query simply by using an OR statement such as articles' or 1=1 -- '.
SELECT * FROM library WHERE category = 'articles' OR 1=1 -- ' and status ='public'
3) Since 1=1 is a true statement, all articles (public and confidential) are retrieved.
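The three steps above can be reproduced safely against an in-memory database. The following is an added example, not code from the original post: it uses Python's sqlite3 in place of the PHP application, and the table contents and function names are constructed for illustration. It shows the concatenated query beside the parameterized form that fixes it.

```python
import sqlite3

# Input from step 2 of the scenario above.
PAYLOAD = "articles' OR 1=1 -- "


def make_db():
    """Build a constructed `library` table with public and confidential rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE library (title TEXT, category TEXT, status TEXT)")
    db.executemany(
        "INSERT INTO library VALUES (?, ?, ?)",
        [
            ("Welcome post", "articles", "public"),
            ("Release notes", "articles", "public"),
            ("Internal audit", "articles", "confidential"),
        ],
    )
    return db


def articles_vulnerable(db, category):
    """Vulnerable: input is concatenated into the SQL text, so a quote in
    `category` closes the string literal and the rest is parsed as SQL."""
    sql = ("SELECT title FROM library WHERE category = '" + category +
           "' AND status = 'public'")
    return sorted(row[0] for row in db.execute(sql))


def articles_parameterized(db, category):
    """Hardened: the value is bound as a parameter, so it is only ever
    compared as data and cannot change the structure of the query."""
    sql = "SELECT title FROM library WHERE category = ? AND status = 'public'"
    return sorted(row[0] for row in db.execute(sql, (category,)))


if __name__ == "__main__":
    db = make_db()
    print("normal input     :", articles_vulnerable(db, "articles"))
    print("concatenated     :", articles_vulnerable(db, PAYLOAD))
    print("parameterized    :", articles_parameterized(db, PAYLOAD))
```

With the bound parameter, the whole input string is compared against the category column, so the status filter stays in force and no row matches.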
Types:
● In-band SQLi / Classic: The malicious user uses the same communication channel to…