Instantly share code, notes, and snippets.

Embed
What would you like to do?
Example of an SQL injection attack for the Cosmos DB
// Called through:
// http://127.0.0.1:3000/db?username=%27%20OR%20%271%27=%271
// Query username from URL parameter
const username = req.query.username;
// Create SQL query
const sqlQuery = "SELECT * FROM c WHERE c.name='" + username + "'";
// -> SQL Query is: SELECT * FROM c WHERE c.name='' OR '1'='1'
// Execute SQL query
const queryResponse = await container.items.query(sqlQuery).toArray();
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment