SQL Injection is a web based attack used by hackers to steal sensitive information from organizations through web applications. It is one of the most common application layer attacks used today. This attack takes advantage of improper coding of web applications, which allows hackers to exploit the vulnerability by injecting SQL commands into the prior web application.
The underlying fact that allows for SQL Injection is that the fields available for user input in the web application allow SQL statements to pass through and interact with or query the database directly.
For example, let us consider a web application that implements a form-based login mechanism to store the user credentials and performs a simple SQL query to validate each login attempt. Here is a typical example:
select * from users where username=’admin’ and password=’admin123′;
If the attacker knows the username of the application administrator is admin, he can login as admin without supplying any password.
admin’–
The query in the back-end looks like:
Select * from users where username=’admin’–’ and password=’xxx’;
Note the comment sequence (–) causes the followed query to be ignored, so query executed is equivalent to:
Select * from users where username=’admin’;
So password check is bypassed.
Different types of SQL Injections There are 3 different kinds of SQL Injections possible on web applications. They are:
In-band Out-band Inferior.
Conclusion:
SQL Injection is a technique which is used to dump a complete database of the application by including few portions of SQL statements in the entry field or the URL.