Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

GIAC Exam GCED Topic 3 Question 59 Discussion

Actual exam question for GIAC's GCED exam
Question #: 59
Topic #: 3
[All GCED Questions]

What attack was indicated when the IDS system picked up the following text coming from the Internet to the web server?

select user, password from user where user= ''jdoe'' and password= 'myp@55!' union select ''text'',2 into outfile ''/tmp/file1.txt'' - - '

Show Suggested Answer Hide Answer
Suggested Answer: A

by Fernanda at Feb 08, 2025, 07:12 PM

Limited Time Offer

25%

Off

Get Premium GCED Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Anastacia
3 hours ago
I'm pretty sure this is a SQL injection attempt. The query is trying to extract sensitive data and write it to a file on the server, which is not good.
upvoted 0 times
...
Vincenza
3 days ago
I'm not sure, but it could also be Remote File Inclusion.
upvoted 0 times
...
Corrie
4 days ago
Wow, this looks like a classic SQL injection attack. The code is trying to execute a malicious SQL query to dump the user and password data to a file on the server.
upvoted 0 times
...
Fidelia
5 days ago
I agree with Bernadine, because the query is trying to manipulate the database.
upvoted 0 times
...
Bernadine
8 days ago
I think the attack indicated is SQL Injection.
upvoted 0 times
...

Save Cancel