Hi all,
This is my first post so please be understanding :D
I just need to know if my reflection is good or not :D
actually i try something like this :
‘ or realname='Sandra Murphy’ or 1=1
and some random character in the password.
Normally the instruction will be something like this
username = $_GET[username] AND password = $_GET[password]
so if I want to remove the and I need to add a OR condition so my injection will be like
username = $_GET[username] OR realname='Sandra Murphy' OR 1=1 AND password=$_GET[password]
If i make the translation :
0 OR 1 OR 1 AND 0
But that didn’t works, what’s wrong, my comprehension ? i make a stupid mistake like forgot a '
please could you help me ?
Thanks