SQL Injection Part 1 - BASICS
    Wasim Halani (WaSHaL)
./whoami
    Student
    Fallible
    NOT a SQL expert
    “Do not take anything I say as fact. I have been wrong before and I will be wrong again.” - Nullthreat
OWASP Top 10 A1 – Injection Flaws
    Injection flaws, such as SQL, OS, and LDAP injection, occur when untrusted data is sent to an interpreter as part of a command or query. The attacker’s hostile data can trick the interpreter into executing unintended commands or accessing unauthorized data.
    Simpler definition, anyone?
SQL Injection
    SQL = Structured Query Language
    Execute a SQL query/statement or syntax by injecting it into a user input field on the web application
Why study it?
    Barracuda
    HBGary / HBGary Federal
    Appinonline
    Appinlabs
    NIIT
    Mysql.com
Generic SQL - Select
    SQL> select * from userdb where username='xxxx' and password='yyyy';
        returns all columns from table 'userdb' and every row that has the given username and password
    SQL> select role from userdb where username='zzzz';
        returns only column 'role' where username matches
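Added example (not from the original slides): the userdb login query above built two ways with Python's sqlite3, showing that input pasted into the query text is parsed as SQL while a bound parameter stays data. The table rows, function names and in-memory database are assumptions made for illustration.

```python
import sqlite3

def make_db():
    """In-memory copy of the slide's `userdb` table; the rows are constructed.
    Plaintext passwords only mirror the slide's query, not a recommended design."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE userdb (username TEXT, password TEXT, role TEXT)")
    db.executemany(
        "INSERT INTO userdb VALUES (?, ?, ?)",
        [("alice", "wonderland", "user"), ("o'brien", "s3cret", "admin")],
    )
    return db

def login_concat(db, username, password):
    """Weak form: input becomes part of the SQL text the parser reads."""
    sql = ("select * from userdb where username='" + username +
           "' and password='" + password + "'")
    return db.execute(sql).fetchall()

def login_bound(db, username, password):
    """Hardened form: the SQL text is fixed; values are bound separately."""
    sql = "select * from userdb where username=? and password=?"
    return db.execute(sql, (username, password)).fetchall()

def compare(db, username, password):
    """Run both forms on the same input and return (concat_result, bound_result)."""
    try:
        concat = login_concat(db, username, password)
    except sqlite3.OperationalError as exc:
        # A quote in the input ended the string literal early, so the rest
        # of the value was read as SQL tokens and failed to parse.
        concat = f"parser error: {exc}"
    return concat, login_bound(db, username, password)

if __name__ == "__main__":
    db = make_db()
    for user, pw in [("alice", "wonderland"), ("o'brien", "s3cret")]:
        print(user, "->", compare(db, user, pw))
```

The second login is a legitimate user whose name contains a quote: the concatenated query no longer parses, which is the same data-as-code confusion that injection relies on, and the bound query handles it unchanged.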
UNION Operator
    Combine results of two or more SELECT statements
    SELECT username,password from user_db UNION SELECT username,password from admin_db
    SELECT username,password from user_db UNION ALL SELECT username,password from admin_db
ORDER BY Clause
    Sort results of SELECT query by a specific
        column number
        column name