SQL injection is a type of security exploit/vulnerability in which the attacker submits a SQL code to a Web form input box exposing the back-end
database to gain access to resources or make changes to data. SQL injection allows an attacker to create, read, update, alter or delete data stored in the back-end database. A SQL injection attack can occur when a web application utilizes
user-supplied data without proper validation or encoding as part of a
command or query.
Typically,
on a Web form for user authentication, when a user enters their name and
password into the text boxes provided for them, those values are
inserted into a SELECT query as it is. If the values entered are found as
expected, the user is allowed access; if they aren't found, access is
denied. However, most Web forms have no mechanisms in place to block
input other than names and passwords. Unless such precautions are taken,
an attacker can use the input boxes to send their own request to the
database, which could allow them to download the entire database or
interact with it in other illicit ways.
More than 20 percent of all web vulnerabilities being attributed to
SQL injection, this is the second most common software vulnerability, as due to it anyone can get access to the database of your system.
Therefore, having the ability to find and prevent SQL injection should
be top of mind for web developers and security personnel. In general, a
SQL injection attack exploits a web application that does not properly
validate or encode user-supplied input and then uses that input as part
of a query or command against a back-end database.
If your web application has a form asking for a user id. Then a hacker may write any user id "number or 1=1" if you have not done proper validation before using the input then this may compromise your database security. Hacker may also use a complete query like for the above example hacker may write "# or 1=1; Select * from users ; --" if this query executes then whole of your users information can be displayed and remaining of your query will be commented to avoid errors.
According to security experts, the reason that SQL injection and many other exploits, such as cross-site scripting,
are possible is that security is not sufficiently emphasized in
development. To protect the integrity of Web sites and applications,
experts recommend simple precautions during development such as
controlling the types and numbers of characters accepted by input boxes.
Prevention
You can prevent SQL injection if you adopt an input validation technique
in which user input is authenticated against a set of defined rules for
length, type and syntax and also against business rules. Most of the languages provide support for prevention of sql injection by the use of prepared statements/queries which checks the parameters to be used in the query for sql injection. Use strongly typed parameterized query APIs with placeholder substitution markers, even when calling stored procedures. Show care when using stored procedures since they are generally safe
from injection. However, be careful as they can be injectable (such as
via the use of exec() or concatenating arguments within the stored
procedure).
Posted on:
Monday 14 December 2015
Zain Aftab
attack
definition
errors
exploit
exploits
fatal
hacker
help
introduction
PHP
prevention
queries
query
security
Select
sql
Sql injection
vulnerability
web development
website development
Comments
Thank you for your comment :)