Documents
Resources
Learning Center
Upload
Plans & pricing Sign in
Sign Out

sql

VIEWS: 29 PAGES: 4

									SQL Injection
Vulnerability of web applications

What‘s SQL Injection?






Technique for exploiting web applications that use client-supplied data Stripping of potentially harmful characters is missing Simple to prevent, but number of vulnerable services is still astonishing

Authorization Bypass
SQLQuery = "SELECT Username FROM Users WHERE Username = ‘" & strUsername & "‘ AND Password = ‘" & strPassword & "‘„; strAuthCheck = GetQueryResult(SQLQuery); If strAuthCheck = "" Then boolAuthenticated = False; Else boolAuthenticated = True; End If;

Example

“Break out“ of quotes
$query = „SELECT CompanyName FROM Shippers WHERE ID = $id“;

Unchecked user input

$query = „SELECT CompanyName FROM Shippers WHERE ID = 0 UNION ALL SELECT CompanyName FROM Customers“;


								
To top