SQL Injection

What is SQL injection?

The primary form of SQL injection consists of direct insertion of code into user-input variables that are concatenated with SQL commands and executed.

How does an attacker inject SQL?

The attacker supplies SQL syntax inside a value the application expects to be plain data, such as a form field. If that value is concatenated into a command string, the database executes the attacker's syntax along with the intended query. Parameterization is the primary defense, but even parameterized data can be manipulated by a skilled and determined attacker if the application later concatenates it into dynamic SQL, which is why the QUOTENAME guidance below matters.

The following script shows a simple SQL injection. The script builds an SQL query by concatenating hard-coded strings together with a string entered by the user:

var ShipCity;
ShipCity = Request.form("ShipCity");
var sql = "select * from Table1 where ShipCity = '" + ShipCity + "'";

The user is prompted to enter the name of a city. If the user enters Redmond, the query assembled by the script looks similar to the following:

SELECT * FROM Table1 WHERE ShipCity = 'Redmond'

However, assume that the user enters the following:

Redmond'; drop table OrdersTable--

In this case, the following query is assembled by the script:

SELECT * FROM Table1 WHERE ShipCity = 'Redmond';drop table OrdersTable--'

The single quote in the payload closes the string literal that the script opened, the semicolon ends the intended SELECT, and the trailing -- turns the rest of the line, including the script's own closing quote, into a comment. SQL Server runs the batch as two statements, and the second one drops OrdersTable.
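As an added example that is not code from the original post, the following Python script feeds the payload above through both the post's string concatenation and a parameterized query. It uses an in-memory SQLite database with constructed sample rows in place of SQL Server; the column names OrderID and Amount are assumptions, while Table1, OrdersTable and ShipCity come from the post.

```python
import sqlite3

# Constructed sample input: the attacker string from the post.
PAYLOAD = "Redmond'; drop table OrdersTable--"


def make_db():
    """Create an in-memory database with the two tables the post names.
    The rows are constructed sample data; OrderID and Amount are assumed columns."""
    con = sqlite3.connect(":memory:")
    con.executescript(
        """
        CREATE TABLE Table1 (OrderID INTEGER, ShipCity TEXT);
        CREATE TABLE OrdersTable (OrderID INTEGER, Amount REAL);
        INSERT INTO Table1 VALUES (1, 'Redmond'), (2, 'Seattle');
        INSERT INTO OrdersTable VALUES (1, 10.0), (2, 20.0);
        """
    )
    return con


def table_exists(con, name):
    """True if a table with this exact name is still present in the schema."""
    row = con.execute(
        "SELECT 1 FROM sqlite_master WHERE type = 'table' AND name = ?", (name,)
    ).fetchone()
    return row is not None


def build_vulnerable_sql(ship_city):
    """The post's concatenation, unchanged: user input becomes part of the SQL text."""
    return "SELECT * FROM Table1 WHERE ShipCity = '" + ship_city + "'"


def query_vulnerable(con, ship_city):
    """Run the concatenated text as a batch, which is how SQL Server treats the
    string the ASP script sends it. sqlite3's execute() refuses more than one
    statement per call, so executescript() is used here to emulate batch
    execution: the SELECT's rows are discarded, the injected DROP is not."""
    sql = build_vulnerable_sql(ship_city)
    con.executescript(sql)
    return sql


def query_parameterized(con, ship_city):
    """Hardened form: the value is bound as a parameter, so whatever it contains
    is compared against ShipCity as data and never parsed as SQL."""
    return con.execute(
        "SELECT OrderID, ShipCity FROM Table1 WHERE ShipCity = ?", (ship_city,)
    ).fetchall()


def demo():
    """Feed the same payload through both paths and record what survives."""
    con = make_db()
    result = {"orders_table_initially": table_exists(con, "OrdersTable")}
    # Parameterized path: the payload is just a city name that matches nothing.
    result["parameterized_rows"] = query_parameterized(con, PAYLOAD)
    result["orders_table_after_parameterized"] = table_exists(con, "OrdersTable")
    # Concatenated path: the payload's second statement executes.
    result["assembled_sql"] = query_vulnerable(con, PAYLOAD)
    result["orders_table_after_vulnerable"] = table_exists(con, "OrdersTable")
    return result


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The parameterized query returns no rows for the payload, because the whole string is compared against ShipCity as a literal, and OrdersTable is untouched; the concatenated query assembles exactly the text shown above and the table is gone afterwards.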

If you must build dynamic Transact-SQL that includes identifiers, quote them rather than concatenating them raw. When you are concatenating values of type sysname, use temporary variables large enough to hold the maximum 128 characters per value. If possible, call QUOTENAME() directly inside the dynamic Transact-SQL. Otherwise, size the buffer for the quoted result: QUOTENAME doubles every embedded delimiter and adds the two enclosing delimiters, so a 128-character sysname can expand to 258 characters.

2 Responses

  1. I do not even know how I ended up here, but I thought this post was good. I don’t know who you are, but certainly you’re going to be a famous blogger if you are not already 😉 Cheers!

  2. Yes Mite, I am trying my best to help database geeks!
