Create b.java

Signed-off-by: rajapandi1234 <[email protected]>
mosip · Nov 27, 2024 · af87f20 · af87f20
1 parent 31d34c9
commit af87f20
Showing 1 changed file with 29 additions and 0 deletions.
diff --git a/b.java b/b.java
@@ -0,0 +1,29 @@
+import java.sql.Connection;
+import java.sql.DriverManager;
+import java.sql.ResultSet;
+import java.sql.Statement;
+
+public class VulnerableApp {
+    public static void main(String[] args) {
+        String userInput = "test'; DROP TABLE users; --"; // Simulated malicious input
+
+        try {
+            // Connect to the database
+            Connection connection = DriverManager.getConnection("jdbc:mysql://localhost:3306/testdb", "root", "password");
+
+            // Vulnerable: User input directly concatenated into SQL query
+            String query = "SELECT * FROM users WHERE username = '" + userInput + "'";
+            Statement statement = connection.createStatement();
+            ResultSet resultSet = statement.executeQuery(query);
+
+            // Print the results
+            while (resultSet.next()) {
+                System.out.println("User: " + resultSet.getString("username"));
+            }
+
+            connection.close();
+        } catch (Exception e) {
+            e.printStackTrace();
+        }
+    }
+}