What is a sql injection

What is SQL Injection?
SQL Injection - \S-Q-L-in-'jek-shen\ - Noun
The technique of inputting malicious data into an SQL statement, which would therefore make the vulnerability present on the database layer.

What It Looks Like?
The vast majority of all SQL injections will take place on an input form.
The most basic of all SQL injections will look like the following:

The Basic SQL injection is :


Quote:
Variable' or 1=1--


Let’s say we have a login form. By inputting the above code, we can use our SQL injection to gain login even without proper credentials!

How’s it work?
Take a look..


Code:
SELECT * FROM users WHERE username = 'Variable' or 1=1--'



See how our code is nicely injected into the query? The result of this query will grant us access regardless of the username, since the result of “1=1? will always be true. In this case, we bypass the whole selection process.

You may have been wondering what the double dashes are for ( — ). These dashes at the end tell the SQL server to ignore the rest of the query. If the exploit isn’t being used on an SQL server, then omitting the double dashes and ending single quote will get the desired results.

Note that while this is the most standard way, it certainly isn’t the only way that malicious users will gain entry. SQL queries will differ greatly from one syntax to another.
It’s also common to see the following:


Code:
') or ('1'='1
"or "1"="1
' or '1'='1
Or 1=1--
" or 1=1--
' or 1=1--



SQL Injection: Attacking Via URLs
As we know it is possible to attack an SQL server through URL and usually much more dangerous to webmasters.
When using PHP and SQL, there is commonly a URL such as the following:


Code:
http://YourWebsite.com/page.php?id=2



By adding a little SQL to the end of the URL, we can attack on SQL server..

I think this is enough, Now Let’s finally find out how to secure your website from SQL injection.


SQL Injection Prevention: Editing Lengths Of Form Components
The first step in the process is simple: simply restrict input fields to the absolute minimum- usually anywhere from 7-12 characters is fine. Doing so will make long queries unable to be input, since the field is only enough characters for smaller queries. This will actually not prevent an SQL injection, but will make work harder for those trying to make use of one.

Note :SQL injection users can simply make a new form and remove the limits on the character length, since the length is in plain HTML and viewable (and editable) by anyone.

SQL Injection Prevention: Data Type Validation
Another good idea is to validate any data once it is received. If a user had to input an age, make sure the input is an actual number. If it was a date, make sure the date is in proper format. Again, this will not prevent an SQL injection in itself- it just makes work harder for those trying to exploit an SQL server.

Note: This is still only slowing attackers down- but isn’t it much more satisfying to have them waste their time before finding out one’s own query is impervious to harm?

SQL Injection Prevention: The Solution In Preventing SQL Attacks
We’ll accomplish this with a simple function that the developers of PHP made especially for SQL injections. We call this function mysql_real_escape_string() - take a look at it below:

Code:
$name = "John";
$name = mysql_real_escape_string($name);
$SQL = "SELECT * FROM users WHERE username = '$name'";



Although for a more practical use, we would have the $name variable pointed to a POST result, as seen below:

Code:
$name = mysql_real_escape_string($_POST['user']);



And we can even make things easier by putting it into one line:

Code:
$SQL = "SELECT * FROM users where username = "mysql_real_escape_string($POST['user']);



So what’s the output like if malicious users try to get access to our SQL server?
Their attempts may look something like this:


Code:
$malcious_input = "' OR 1'";
// The Above Is The Malicious Input. Don't Be Scared!
// With The mysql_real_escape_string() usage, the following is obtained:

\' OR 1\'
// Notice how the slashes escape the quotes! Now users can't enter malicious data



And the best part is, they just wasted their time and effort for nothing.

Lastly, note that there are libraries and classes that can help aid in the fight against SQL injection. Prepared statements are plausible as well, but as for us, we enjoy sticking to the mysql_real_escape_string() function for less headaches.

5 comments:

  1. urdustudy.blogspot.com
    Kamaal Ki Website hy

    ReplyDelete
  2. Hey Guys !

    USA Fresh & Verified SSN Leads with DL Number AVAILABLE with 99.9% connectivity
    All Leads have genuine & valid information

    **HEADERS IN LEADS**
    First Name | Last Name | SSN | Dob | DL Number | Address | City | State | Zip | Phone Number | Account Number | Bank Name | Employee Details | IP Address

    *Price for SSN lead $2
    *You can ask for sample before any deal
    *If anyone buy in bulk, we can negotiate
    *Sampling is just for serious buyers

    ==>ACTIVE, FRESH CC & CVV FULLZ AVAILABLE<==
    ->$5 PER EACH

    ->Hope for the long term deal
    ->Interested buyers will be welcome

    **Contact 24/7**
    Whatsapp > +923172721122
    Email > leads.sellers1212@gmail.com
    Telegram > @leadsupplier
    ICQ > 752822040

    ReplyDelete
  3. i was lost with no hope for my wife was cheating and had always got away with it because i did not know how or

    always too scared to pin anything on her. with the help a friend who recommended me to who help hack her phone,

    email, chat, sms and expose her for a cheater she is. I just want to say a big thank you to

    SUPERIOR.HACK@GMAIL.COM . am sure someone out there is looking for how to solve his relationship problems, you can also contact him for all sorts of hacking job..he is fast and reliable. you could also text +1 213-295-1376(whatsapp) contact and thank me later

    ReplyDelete
  4. Hi Guy's

    Fresh & valid spammed USA SSN+Dob Leads with DL available in bulk.

    >>1$ each SSN+DOB
    >>2$ each with SSN+DOB+DL
    >>5$ each for premium (also included relative info)

    Prices are negotiable in bulk order
    Serious buyer contact me no time wasters please
    Bulk order will be preferable

    CONTACT
    Telegram > @leadsupplier
    ICQ > 752822040
    Email > leads.sellers1212@gmail.com

    OTHER STUFF YOU CAN GET

    SSN+DOB Fullz
    CC's with CVV's (vbv & non-vbv)
    USA Photo ID'S (Front & back)

    All type of tutorials available
    (Carding, spamming, hacking, scam page, Cash outs, dumps cash outs)

    SMTP Linux Root
    DUMPS with pins track 1 and 2
    Socks, rdp's, vpn's
    Server I.P's
    HQ Emails with passwords

    Looking for long term business
    For trust full vendor, feel free to contact

    CONTACT
    Telegram > @leadsupplier
    ICQ > 752822040
    Email > leads.sellers1212@gmail.com

    ReplyDelete
  5. I-C-Q 752822040
    TeLe GrAm @killhacks

    All types of Fresh FUllZ Available in bulk quantity
    SSN+DOB
    SSN+DOB+DL
    High Credit Scroes Fullz (USA)
    CC FULLZ WITH CVV (vbv/non vbv)
    DUMPS WITH PIN CODES TRACK 101 & 202

    HAC-KING/SPA-MMING/CAR-DING/SCR-iPTING
    All Tools & Complete Tutorials Guide
    Cpan-els/Shells
    Key-loggers/RAT-S
    SM-TP/RDP
    MAIL-ERS
    DE-EP/DAR-K WEB COMPLETE COURSE

    I-C-Q 752822040
    TeLe GrAm @killhacks
    CONTACT

    ReplyDelete