Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location PL
Mob_nav_barsMENU

GIAC Exam GCED Topic 3 Question 59 Discussion

Actual exam question for GIAC's GCED exam
Question #: 59
Topic #: 3
[All GCED Questions]

What attack was indicated when the IDS system picked up the following text coming from the Internet to the web server?

select user, password from user where user= ''jdoe'' and password= 'myp@55!' union select ''text'',2 into outfile ''/tmp/file1.txt'' - - '

Show Suggested Answer Hide Answer
Suggested Answer: A

by Fernanda at Feb 08, 2025, 07:12 PM

Limited Time Offer

25%

Off

Get Premium GCED Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Dacia
3 hours ago
Haha, someone's trying to hack the web server with a little SQL magic! C'mon, SQL injection? That's so 2000s, let's move on to something more creative.
upvoted 0 times
...
Anastacia
9 days ago
I'm pretty sure this is a SQL injection attempt. The query is trying to extract sensitive data and write it to a file on the server, which is not good.
upvoted 0 times
...
Vincenza
12 days ago
I'm not sure, but it could also be Remote File Inclusion.
upvoted 0 times
...
Corrie
13 days ago
Wow, this looks like a classic SQL injection attack. The code is trying to execute a malicious SQL query to dump the user and password data to a file on the server.
upvoted 0 times
...
Fidelia
14 days ago
I agree with Bernadine, because the query is trying to manipulate the database.
upvoted 0 times
...
Bernadine
17 days ago
I think the attack indicated is SQL Injection.
upvoted 0 times
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77