In SQL injection payloads, what does the sequence -- typically indicate?

Prepare for the Certified Ethical Hacker Version 11 Exam. Study with comprehensive questions and explanations. Equip yourself with the skills needed for success!

Multiple Choice

In SQL injection payloads, what does the sequence -- typically indicate?

Explanation:
In SQL injection payloads, the sequence that starts a single-line comment is used to hide the rest of the original statement. When the attacker injects this marker into a query, the remainder of that line becomes a comment, so the database stops processing the rest of the intended SQL. This lets the injected portion run as the main command while the original query’s trailing syntax is ignored, helping the attacker shape the final query and avoid syntax errors. In many SQL dialects, this marker requires a space after the dashes to be treated as a comment.

This isn’t about triggering an error, validating input, or ending a session. It’s about turning the remainder of the existing query into a harmless comment so the injected payload can execute as intended.
