SQL Injection (SQLi) is an injection attack where an attacker executes malicious SQL statements to control a web application's database server, thereby accessing, modifying and deleting data without authorization.

In the early days of the internet, building websites was a simple process: no JavaScript, no CSS and few images. But as websites gained popularity, the need for more advanced technology and dynamic websites grew. This led to the development of server-side scripting languages like JSP and PHP. Websites started storing user input and content in databases. MySQL became the most popular and standardized language for accessing and manipulating databases. However, hackers found new ways to leverage the loopholes present in SQL technology. SQL Injection is one of the popular ways of targeting databases. It uses specifically crafted SQL statements to trick systems into doing unexpected and undesired things.

There are a lot of things an attacker can do when exploiting an SQL injection on a vulnerable website. By leveraging an SQL Injection vulnerability, given the right circumstances, an attacker can do the following things:

- Bypass a web application's authorization mechanisms and extract sensitive information.
- Easily control application behavior that's based on data in the database.
- Inject further malicious code to be executed when users access the application.
- Add, modify and delete data, corrupting the database and making the application unusable.
- Enumerate the authentication details of a user registered on a website and use the data in attacks on other sites.

It all depends on the capability of the attacker, but sometimes an SQL Injection attack can lead to a complete takeover of the database and web application. Now, how does an attacker achieve that?

A developer usually defines an SQL query to perform some database action necessary for the application to function. This query has one or two arguments, so that only the desired records are returned when a user provides the value for that argument.

An SQL Injection attack plays out in two stages:

- Research: The attacker gives some random, unexpected values for the argument, observes how the application responds, and decides which attack to attempt.
- Attack: Here the attacker provides a carefully crafted value for the argument. The application will interpret the value as part of an SQL command rather than merely as data; the database then executes the SQL command as modified by the attacker.

Consider the following example in which a website user is able to change the values of '$user' and '$password', such as in a login form:

    $statement = "SELECT * FROM users WHERE username = '$user' AND password = '$password'";

This particular SQL statement is passed to a function, which in turn sends the string to the connected database, where it is parsed and executed and a result is returned.
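The login query from this page's $statement example, as an added example that is not code from the original page: it runs the interpolated statement beside a parameterized one on the same input, so the difference between input treated as SQL and input treated as data is visible. Python's sqlite3 module stands in for the page's PHP and database; the table, rows, input values and function names are constructed for illustration.

```python
import sqlite3

def make_db():
    """Constructed in-memory users table standing in for the page's database."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (username TEXT, password TEXT)")
    # Constructed sample rows; a real application stores password hashes.
    db.executemany("INSERT INTO users VALUES (?, ?)",
                   [("alice", "correct-horse"), ("bob", "hunter2")])
    return db

def build_statement(user, password):
    """The page's query, built by string interpolation (vulnerable)."""
    return ("SELECT * FROM users WHERE username = '%s' AND password = '%s'"
            % (user, password))

def login_vulnerable(db, user, password):
    # The input is spliced into the SQL text, so a quote inside it changes
    # the structure of the statement the database parses.
    return db.execute(build_statement(user, password)).fetchall()

def login_parameterized(db, user, password):
    # Placeholders keep the statement fixed; values are bound as data only.
    return db.execute(
        "SELECT * FROM users WHERE username = ? AND password = ?",
        (user, password)).fetchall()

if __name__ == "__main__":
    db = make_db()
    crafted = "' OR '1'='1"  # constructed input that contains SQL syntax
    print("statement sent:", build_statement("alice", crafted))
    print("interpolated  :", login_vulnerable(db, "alice", crafted))
    print("parameterized :", login_parameterized(db, "alice", crafted))
    print("valid login   :", login_parameterized(db, "alice", "correct-horse"))
```

With the interpolated query the WHERE clause becomes true for every row, while the parameterized query compares the whole input against the stored password and matches nothing.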