SQL Injection

INTRODUCTION

In this post I’ll give you an overview of SQL (Structured Query Language) and SQL injection (also known as SQLi).

What is SQL?

SQL is Structured Query Language, which is a computer language for storing, manipulating and retrieving data stored in a relational database.

SQL is the standard language for relational database systems. All the Relational Database Management Systems (RDBMS) like MySQL, MS Access, Oracle, Sybase, Informix, Postgres and SQL Server use SQL as their standard database language.

Also, they are using different dialects, such as −

  • MS SQL Server using T-SQL,
  • Oracle using PL/SQL,
  • MS Access version of SQL is called JET SQL (native format) etc.

Why SQL?

SQL is widely popular because it offers the following advantages −

  • Allows users to access data in the relational database management systems.
  • Allows users to describe the data.
  • Allows users to define the data in a database and manipulate that data.
  • Allows SQL to be embedded within other languages using SQL modules, libraries & pre-compilers.
  • Allows users to create and drop databases and tables.
  • Allows users to create views, stored procedures and functions in a database.
  • Allows users to set permissions on tables, procedures and views.

Check out the links below for further reading:

https://www.sqlcourse.com/

https://www.w3schools.com/sql/sql_intro.asp

Introduction to SQL Injection

SQL injection is an attack in which the attacker uses unvalidated user input to insert arbitrary data or SQL commands into a query; when the backend database executes the resulting malicious query, it produces unwanted results. The attacker needs knowledge of the backend database and must use different strings to construct malicious queries and post them to the target.

For example, on a user login screen, username and password are the dynamic fields where users enter data. Dynamic queries are constructed from the user's inputs; the usual query will be


Select * from users where username='Username.txt' and password='Password.txt'

If the input fields are not sanitized properly, then the malicious user can enter some data like this

Username = blah' or 1=1--

Password = password

Here both username and password are incorrect. But the query which is constructed will be

Select * from users where username='blah' or 1=1--' and password='password'

The query will run and the user will be granted access. This is because the first part of the query is

Select * from users where username='blah' or 1=1--

Because -- starts a comment in SQL, everything following it will be ignored. The query will only evaluate username='blah' or 1=1.

Because 1=1 is always true, the user will be granted access.

Check out the link below for further reading:

https://www.w3schools.com/sql/sql_injection.asp

Once you have understood the basics of SQL, proceed with the further posts to understand how to perform SQL injection attacks!

If you face any kind of issue or need some help with its additional features, feel free to leave a comment or connect with me directly on my Instagram handle, my mail or my WhatsApp group; the details are mentioned on my home page 🤗

daNiN hacking Tutorials