Today we are going to learn What is SQL injection and cheat sheet to better understand of it.
On the web page when SQL is used to display data, then most of the time it allow user to enter the search criteria. The SQL queries on written in text format and easy to change in the code based on the entered search criteria by user. SQL injection is a technique used to inject malicious SQL statements to data-driven application for execution. It SQL injection must exploit a security vulnerability in an application’s software
The SQL Injection vulnerability is the most popular web application vulnerability. The reasons why are quite obvious; it can be easily & automatically detected, and exploited. Once exploited, the attackers can gain access to the backend database of a web application.
You can find gazillion of free automated tools that allow you to scan websites for SQL injection vulnerabilities and unfortunately they are used for the wrong reason, to hack websites. As a matter of fact SQL Injection has been the number one vulnerability in all of the OWASP Top 10 since 2007, and was also included in the OWASP top 10 of 2004.
Though do not let such popularity deceive you. Even though the SQL Injection vulnerability is very easy to detect, and very popular, a lot of web applications are still vulnerability to it. Developers still write code that is vulnerable to SQL injection because even though it is popular and easy to identify, it is a very complex vulnerability.
As a penetration tester, if you had to manually check your websites for SQL injection vulnerabilities, do you think you would do a good job? Or if you are a developer, do you think you can develop a web application that is not vulnerable to SQL Injection? It is easy to find out:
- Do you know the SQL Injection well enough?
- Do you know about all the different types of SQL injections?
- Do you know how many different variants of every type there is?
- Do you know about the all different SQL injection attacks based on the target database server?
SQL Injection is a very complex vulnerability and unless you are familiar with databases, SQL code and web applications it is very difficult to understand. Hence why I would like to recommend to take a look at the SQL Injection cheat sheet from Netsparker. If you’d like to get an overview of the different sections of the SQL Injection cheat sheet, refer to the list below.
- Syntax Reference, Sample Attacks and Dirty SQL Injection Tricks
- Line Comments
- Inline Comments
- Stacking Queries
- If Statements
- Using Integers
- String Operations
- Strings without Quotes
- String Modification & Related
- Union Injections
- Bypassing Login Screens
- Enabling xp_cmdshell in SQL Server 2005
- Finding Database Structure in SQL Server
- Fast way to extract data from Error Based SQL Injections in SQL Server
- Blind SQL Injections
- Covering Your Tracks
- Extra MySQL Notes
- Second Order SQL Injections
- Out of Band (OOB) Channel Attacks
Hope this cheat sheet helps you guys to better understand SQL Injection. Have you worked on SQL injection while testing web application, please share your experience in the comments below:
If you are not regular reader of this website then highly recommends you to Sign up for our free email newsletter!! Sign up just providing your email address below: