SQL Injection

A.o.A

" SQL Injection"

SQL

 SQL stand of Structured Query Language (SQL) injection is covered.

 SQL Injection is basically insertion of malicious code or script by exploiting vulnerabilities to launch an attack powered by baCk-end components.

SQL Injection is a popular and complex method of attack on web services,applications, and Databases.

It requires deep knowledge about web application processes and its components such as databases and SQL.

SQL Injection Attacks uses SQL websites or web applications. It relies on the strategic injection of malicious code or script into existing queries.

SQL injection is a powerful and dangerous attack. It identifies the flaws and vulnerabilities in a website or application

SQL injection vulnerability

Types of SQL Injection

SQL Injection can be classified into three major categories:

ln-band SQLi

In-Band SQL injection is a category which includes injection techniques

using same communication channel to launch the injection attack and gather

information from the response. In-Band Injection techniques include: -

Error-based SQL Injection

Union based SQL Injection

lnferential SQLi

In an Inferential SQL Injection, no data is transferred from a Web 

application.The attacker is unable to see the result of an attack hence

referred as a Blind injection.

Out-of—band SQLi 

Out-of—band SQL injection is the injection technique that uses different

channels to launch the injection and gather the responses. It requires some

features being enabled such as DNS or HTTP requests on database server

hence it is not very common

SQL Injection Methodology

>Information Gathering and SQL Injection Vulnerability Detection

>Launch SQL Injection Attacks

>Advanced SQL Injection

In the  phase of information gathering , Collect the information about the web

application, operating system, database and the structure of the components.

Evaluation of extracted information will be helpful to identify the

vulnerabilities to exploit. Information can be gathered by using different tools

and techniques such as injecting codes into the input fields to observe the

response of error messages. Evaluation of input field, hidden fields, get and

post requests, cookies, string values and detailed error messages can reveal

enough information to initial injection attack.

Appropriate SQL injection attack from the category cab be initiate just after

gathering the information about the structure of database and vulnerabilities

found. By exploiting them, the injection can be successful. SQL injection

attacks such as Union SQL injection, Error-based SQL injection, Blind SQL

injection and other can be used to extract information from the database such

as extracting Database name, tables, columns, rows, and fields. The injection

can also have intended for bypassing the authentication.

Advanced SQL injection may include an enumeration of databases like

MySQL, MSSQL, MS Access, Oracle, DB2, or Postgre SQL, tables and

column in order to identify privilege level of users, account information of

database administrator and database structure disclosure. it also includes

passwords and hashes grabbing, and transferring the database to the remote

machine.

Testing of SQL Injection