SQL injection




GAIN AND SHINE


Description

    Injection is a security vulnerability that allows an attacker to alter backend SQL statements by manipulating user-supplied data.

    Injection occurs when user input is sent to an interpreter as part of a command or query and tricks the interpreter into executing unintended commands and giving access to unauthorized data.

    The injected SQL command, when executed by the web application, can also expose the back-end database.


Implication

An attacker can inject malicious content into the vulnerable fields.

Sensitive data like User Names, Passwords, etc. can be read from the database.

Database data can be modified (Insert/Update/Delete).

Administration operations can be executed on the database.

Vulnerable Objects

Input Fields

URLs interacting with the database.


Examples:

SQL injection on the Login Page

Logging into an application without having valid credentials.
A valid user name is available, but the password is not.

Test URL: http://demo.testfire.net/default.aspx

User Name: sjones
Password: 1=1' or pass123

The SQL query created and sent to the interpreter is as below:

SELECT * FROM Users WHERE User_Name = sjones AND Password = 1=1' or pass123;


Recommendations

Whitelist the input fields.

Avoid displaying detailed error messages that are useful to an attacker.
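
The two recommendations above, shown next to the concatenated query from the login example. This is an added example, not code from the original page or the demo site: it uses Python's sqlite3 as a stand-in database, assumes the application wraps each value in single quotes, and adds bound parameters, which the page does not list. The function names, the whitelist pattern and the stored password are assumptions made for the example.

```python
import re
import sqlite3

def make_db():
    # Constructed sample data; table and column names follow the page's query.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE Users (User_Name TEXT, Password TEXT)")
    db.execute("INSERT INTO Users VALUES ('sjones', 'constructed-secret')")
    return db

def login_concat(db, user, password):
    """Vulnerable pattern: user input is pasted into the SQL text."""
    sql = ("SELECT * FROM Users WHERE User_Name = '" + user +
           "' AND Password = '" + password + "'")
    try:
        return db.execute(sql).fetchone() is not None, "ok"
    except sqlite3.Error as exc:
        # Detailed error returned to the user: it reveals that the input
        # reached the SQL parser and changed the statement.
        return False, f"database error: {exc}"

GENERIC = "Invalid user name or password"
USERNAME_RE = re.compile(r"[A-Za-z0-9_.]{1,32}")  # whitelist (assumed policy)

def login_safe(db, user, password):
    """Whitelisted user name, bound parameters, one generic failure message."""
    if not USERNAME_RE.fullmatch(user):
        return False, GENERIC
    try:
        # Placeholders keep the input as data; it is never parsed as SQL.
        # (A real system would compare password hashes, not stored passwords.)
        row = db.execute(
            "SELECT 1 FROM Users WHERE User_Name = ? AND Password = ?",
            (user, password)).fetchone()
    except sqlite3.Error:
        return False, GENERIC  # details belong in a server-side log only
    return (True, "ok") if row else (False, GENERIC)
```

With the page's password input, `login_concat` returns the database's own parser error, while `login_safe` treats the same string as an ordinary wrong password.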

