I am currently following the module “SQL Injection Fundamentals”. In the chapter “Union Injection”, they use some UNION command that are preceded by cn’. For instance when injecting a 3-column union query:
cn’ UNION select 1,2,3–
I don’t get where the cn’ comes from and what it does. Anyone who can help?
Cn is just the actual command sent to the database. You could replace that with anything such as 1 or whatever. That’s the real command a user would send. The ‘ is the beginning of the injection and it closes out the actual input that users would send in. If you don’t know exactly what the ‘ is or are struggling with the materials, portswigger starts at a lower level for sql injection and does more granular labs.