Home > Net >  what is the meaning of this injected sql?
what is the meaning of this injected sql?

Time:05-25

I'm fiddling with sqlmap and it gives a working injected (My)SQL query:

SELECT *
FROM   `news`
WHERE  ( content LIKE ? )
ORDER  BY id 
          AND
            (SELECT 8183
               FROM   (SELECT( Sleep(1) )) dyYQ) 

But I fail to understand what this query means, mainly the ORDER BY id AND (SELECT part.

I understand both parts before and after AND, but I never knew AND could join two clauses.

I checked MySQL doc, ORDER BY followed by AND subquery does not look legal syntax.

CodePudding user response:

The query is valid in MySQL, syntax wise. You can use any expression as the operands of the and operator. The result will be 1 or 0.

SELECT 1 AND (SELECT 1) -- 1
SELECT 1 AND (SELECT 0) -- 0

Plus the ... and ... expression itself could be used in order by.

  • Related