SQL Injection

What is SQL Injection?

SQL Injection is a web security vulnerability that allows an attacker to interfere with the queries that an application makes to its database. It generally allows an attacker to view data that they are not normally able to retrieve. This might include data belonging to other users, or any other data that the application itself is able to access. In many cases, an attacker can modify or delete this data, causing persistent changes to the application’s content or behavior.

In some situations, an attacker can escalate an SQL injection attack to compromise the underlying server or other back-end infrastructure, or perform a denial-of-service attack. 

How is SQL Injection executed?

A hacker executes an SQL Injection with an SQL statement that is always true, for instance 1=1. Instead of just entering the “wrong” input, the hacker enters a condition that always evaluates to true. Entering “100 or 1=1” in the query input box will return a response with the details of a table.

How do you prevent SQL Injection?

SQL injections are typically performed via web page or application input. These input forms are often found in features like search boxes, form fields, and URL parameters. The best solution to this vulnerability is to provide input validation and sanitization to the web page or application. 

You should always use parameterized statements where available.
For example, when you are working in a programming language that talks to an SQL database, you do not want to construct the SQL string explicitly.

 


In this code you can see that ‘email’ is explicitly concatenated into the SQL string. The full SQL statement is therefore constructed before the driver is invoked, meaning we are vulnerable to maliciously crafted parameters.

To fix this issue, we have to use a parameterized statement.


The key difference is the data being passed to the executeQuery(…) method. In the parameterized case, the parameterized string and the parameters are passed to the database separately. This allows the driver to interpret them correctly.
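The two query styles described above, side by side, as an added example that is not code from the original page. It uses Python's sqlite3 module rather than the executeQuery(…) API mentioned in the text; the table, column names and sample rows are constructed, and the function names are hypothetical.

```python
import sqlite3

def make_db():
    """In-memory database with constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER NOT NULL, email TEXT)")
    conn.executemany(
        "INSERT INTO users (id, email) VALUES (?, ?)",
        [(100, "alice@example.com"),
         (101, "bob@example.com"),
         (102, "carol@example.com")],
    )
    return conn

def lookup_vulnerable(conn, user_id):
    # Vulnerable: the input is concatenated into the SQL text, so the
    # database parses whatever the user typed as part of the statement.
    sql = "SELECT id, email FROM users WHERE id = " + user_id
    return conn.execute(sql).fetchall()

def lookup_parameterized(conn, user_id):
    # Hardened: the statement contains only a placeholder; the value is
    # passed separately and the driver binds it as data, never as SQL.
    sql = "SELECT id, email FROM users WHERE id = ?"
    return conn.execute(sql, (user_id,)).fetchall()

def lookup_validated(conn, user_id):
    # Input validation on top of the parameterized query: an id must be
    # a plain decimal number, anything else is rejected before the query.
    if not user_id.isdigit():
        raise ValueError("user id must be numeric")
    return lookup_parameterized(conn, int(user_id))

if __name__ == "__main__":
    conn = make_db()
    for value in ("100", "100 or 1=1"):
        print(repr(value))
        print("  concatenated :", lookup_vulnerable(conn, value))
        print("  parameterized:", lookup_parameterized(conn, value))
        try:
            print("  validated    :", lookup_validated(conn, value))
        except ValueError as exc:
            print("  validated    : rejected,", exc)
```

With the input “100 or 1=1”, the concatenated query returns every row in the table, while the parameterized query compares the whole string to the id column and returns nothing.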

What do hackers gain from SQL Injection attacks?

The motivations behind an SQL injection attack are often financial. Hackers might sell sensitive data on the dark web, or malicious groups may wish to give themselves an advantage by setting your business back.

 


What damage can SQL Injection do in terms of business?

SQL injection attacks pose a serious security threat to organizations. A successful SQL injection attack can result in confidential data being deleted, lost or stolen; websites being defaced; unauthorized access to systems or accounts and, ultimately, compromise of individual machines or entire networks.