SQL Injection
What?
SQL injection is a web security vulnerability, in which an attacker injects malicious code or query which poisons SQL statements to comment out certain parts of the statement or appending a condition that will always be true (1 = 1) to modify the database or retrieve data that a normal user should not see, or worse erasing the whole data!
How?
SQL injections usually occur when you ask for user input, like their username, etc. The primary form of such an injection involves direct code insertion into the user input.
Usually, the input field expecting a particular type of data receives unexpected information, such as a command that gets appended to the SQL query and gets executed, allowing for potentially harmful behavior.
The attack works on dynamic SQL statement, i.e a statement that is generated at run time using the input parameters given by the user.
Effects
A successful SQL injection can result in unauthorized access to sensitive data, such as credit card details, personal information, etc. It also enables the attacker to modify the data (INSERT, DELETE), giving the attacker administrative privileges on the database.
SQL injection on big companies leads to reputational damage and impacts the confidentiality, integrity, authorization, and authentication aspects.
Sometimes an attacker can obtain a persistent backdoor, leading to long-term compromise that can go unnoticed.
Prevention
- It is a good practice to always validate user input by testing different aspects like length, format, and range.
- Use Type-Safe SQL parameters, which treats the input as a literal value instead of ac executable code
- Parameterized statements
- Pattern checking
- Database permissions
PS: I have just listed only a few, I’ll be writing a more in-depth article related to this soon!
Tools
A few automation tools that help you perform the SQLi are:
- SQLMap
- SQLPing
- SQLSmack
Give this a 👏 if you found it useful!
