SQL Injection

This exercise consists of the three tasks described below. You don't need OWASP ZAP or any other intercepting proxy to complete them.
Valid customers are: Arthur Dent, Ford Prefect, Tricia Trillian McMillan, Zaphod Beeblebrox, Marvin, Slartibartfast.

Simple JDBC Statements

Your first task is to attack the database that is queried with simple JDBC statements. Can you successfully attack the database?

Escaped JDBC Statements

Your second task is to attack the database that is queried with escaped JDBC statements. Can you successfully attack the database with the query working before?

Prepared Statements

Your third task is to attack the database that is queried with prepared statements. Can you successfully attack the database with the query working before?