If the page loads normally, the attacker knows the database is expecting 6 columns.
This is likely a or "signature" used by an automated vulnerability scanner (such as Burp Suite, SQLmap, or Acunetix). If the page loads normally, the attacker knows
If the page returns an error (like "The used SELECT statements have a different number of columns"), the attacker will try again with five or seven NULL values until the error disappears. 4. -- (The Comment) In SQL, double-dashes signify the start of a comment. such as UNION SELECT username
: For a UNION to work, the second query must have the exact same number of columns as the first query. 3. SELECT NULL,NULL,NULL,NULL,NULL,NULL NULL... to steal sensitive information.
: This "comments out" the rest of the original SQL query written by the developers.
: The database returns a row of empty data. The attacker now knows the table has 6 columns and can proceed to more dangerous injections, such as UNION SELECT username, password, NULL... to steal sensitive information.