How To Use SQL Injection
In this article, you will learn what SQL injection is and how to use SQL Injection.
SQL injection is used to inject SQL commands into SQL database. This command is used to modify SQL database and adjust the security of a Web Application. SQL injection can effort conscious data from SQL, it updates and executes the data in the tables and recovers the data of a file in the DBMS file system.
The injection process works by determining a text string early and attaches a new command. SQL Injection attaches some strings, before it is run.
When we use SQL injection, we have no idea about its attack and an Application. There is a way to do SQL injection.
Identify the back end database
In this area, first, we will identify the database, which is used by the Web Application. We can use an extension name of the Web page to find the back-end database.
ASP.NET is a script language, which uses MS-SQL.
JSP is a script language, which uses Oracle.
PHP is a script language, which uses MYSQL.
All databases have a different syntax to execute a query such as a query to identify the database.
Select * from tablename where name = avi AND id=2
Select * from tablename where name=ashu \\ id=1
select fieldname from tablename where salary > 2000 AND age < 25;
Each database has some attributes with the unique meaning. S as we use single quote (‘) and the braces ([,]) in SQL, but sometimes it is necessary to accept such characters.
We know that in SQL Injection, attacker doesn't know the username, then
- We can simply use a "1=1" concept as in the following example.
We can say that actual purpose of the code was to create an SQL statement, to select a user with a given user data. It stop the user from include wrong input, the user can enter some smart input like:
fieldname: 105 or 1=1
select * from tablename where fieldname = 105 or 1=1;
Above query will return all rows of the table, so the condition is true.
- If, SQL Injection Based on "=" is Always True
Explain this concept, we will use a simple login form of a user.
UserName = getRequestString("UserName");
UserPass = getRequestString("UserPass");
When we want to usernames and passwords in a database then only inserted " or "=" into the
required text box.
This code will create a valid SQL statement.
select * from fieldname where Name AND Pass
Thus, we learned that SQL injection is used to inject the queries and also learn its use in SQL.