Networking - Ethical Hacking


Lesson - #1179 SQL Injection


SQL injection is an attack in which the attacker uses unvalidated user input to enter arbitrary data or SQL commands; malicious queries are constructed and, when executed by the backend database, they produce undesired results. The attacker needs to know the backend database and must use various strings to construct malicious queries and submit them to the target.

For example, on a user login screen, username and password are the fields where users enter data. Depending on the user's input, dynamic queries are constructed; the typical query will be:

Select * from users where username='Username.txt' and password='Password.txt'

If the input fields are not sanitized properly, a malicious user can enter data like this:

Username = blah' or 1=1--
Password = password

Here both the username and the password are incorrect. Yet the query that is constructed will be:

Select * from users where username='blah' or 1=1--' and password='password'

The query will run and the user will be granted access. This is because the first part of the query is:

Select * from users where username='blah' or 1=1--

Since -- starts a comment in SQL, everything that follows it is ignored. The query will only evaluate username='blah' or 1=1.

Since 1=1 is always true, the user will be granted access.
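
The login check described above, shown next to a parameterized version that rejects the same input. This is an added example, not code from the original lesson. It assumes an in-memory SQLite database with a constructed users table, and the function names are hypothetical.

```python
import sqlite3


def make_db():
    # Constructed sample data: one account in an in-memory table.
    # (A real system would store a password hash, not the password.)
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (username TEXT, password TEXT)")
    db.execute("INSERT INTO users VALUES ('alice', 's3cret')")
    return db


def build_query(username, password):
    # Vulnerable: user input is pasted directly into the SQL text,
    # so a quote in the input ends the string literal early.
    return ("Select * from users where username='" + username +
            "' and password='" + password + "'")


def login_vulnerable(db, username, password):
    # Runs the concatenated query; any returned row counts as a login.
    return db.execute(build_query(username, password)).fetchone() is not None


def login_parameterized(db, username, password):
    # Hardened: the ? placeholders bind input as data, so quotes and
    # comment markers in it are compared literally, never parsed as SQL.
    row = db.execute(
        "Select * from users where username=? and password=?",
        (username, password),
    ).fetchone()
    return row is not None


if __name__ == "__main__":
    db = make_db()
    user, pw = "blah' or 1=1--", "password"  # input from the lesson
    print(build_query(user, pw))
    print("concatenated query grants access:", login_vulnerable(db, user, pw))
    print("parameterized query grants access:", login_parameterized(db, user, pw))
    print("valid login still works:", login_parameterized(db, "alice", "s3cret"))
```
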