Great info, thanks Chris! I always like to add this to these kinds of
conversations:
* https://imgs.xkcd.com/comics/exploits_of_a_mom.png
Beverly
On Mar 26, 2018, at 4:19 PM, Chris Moyer <cmoyer@xxxxxxxxxxxxxx> wrote:_____________________________________________________________________
Steve,
Regarding the referenced Boolean conditions, take a look at this for a more
comprehensive explanation:
https://www.owasp.org/index.php/Blind_SQL_Injection
I am also a bit confused by the feedback that you’ve been given - in what way
were "the page results [] successfully manipulated using the boolean
conditions…”…? A new account was created with undesired credentials? The
screen output an error? The content of the URL was saved in the DB somewhere?
Chris