SQL Injection is a type of injection flaw. Injection flaws are a class of security vulnerability in which untrusted user input taken by a web application reaches a backend interpreter (the database, a shell command, or an operating-system call) and is executed as part of a command, letting an attacker reach data or functionality they should not have.
In SQL Injection, attackers append additional SQL syntax to the values typed into input boxes and can thereby create, read, update, or delete data within the database. SQL Injection is the most common type of injection attack.
In the password column type:
abc' OR 1==1 --
The backend SQL command is:
SELECT * FROM users WHERE email = $email AND PASSWORD = sha256($password)
Here, when the user supplies the email and password values, the command becomes:
SELECT * FROM users WHERE email = abc@j.com AND PASSWORD = sha256(abc') OR 1==1 -- )
Since the above command contains 1==1, which is always true, the system grants access to the account for that email.
In the username and password column, type:
" or ""="
The backend SQL command is:
SELECT * FROM users WHERE user = "+u+" AND PASSWORD = "+p+";
Here, when the user supplies the username and password values, the command becomes:
SELECT * FROM users WHERE user = "" OR ""="" AND PASSWORD = "" OR ""="";
Since the WHERE clause of the above command always evaluates to true, access is granted.
In the username column type:
"; DROP Table users
The backend SQL command is:
SELECT * FROM users WHERE user = "+u+";
On input it becomes:
SELECT * FROM users WHERE user = "" ; DROP Table users;
This attack results in the users table being deleted from the database.
Make use of input validation (sanitization). With input validation the system automatically identifies troublesome input and drops those requests.
Make use of prepared statements. With a prepared statement, the query is compiled first with placeholders for the values, and the user-supplied data is bound to those placeholders separately, so it is always treated as data and never as part of the SQL.
import java.sql.PreparedStatement;
import java.sql.ResultSet;
// The "?" is a placeholder; the user's value never becomes part of the SQL text.
PreparedStatement statement = connection.prepareStatement("SELECT * FROM users WHERE username = ?");
// Bind the untrusted value to the first placeholder as a string.
statement.setString(1, user);
ResultSet result = statement.executeQuery();
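The same contrast, as an added example that is not part of the original page: a login check built by string concatenation next to one built with bound parameters, run against a constructed in-memory SQLite database. It assumes a plaintext password column (the hashing from the examples above is omitted so the injected text reaches the query unchanged); SQLite string literals use single quotes, so the page's " or ""=" payload is written in its single-quote form.

```python
import sqlite3

# Constructed sample account (not from the original page).
USER_EMAIL = "alice@example.com"
USER_PASSWORD = "correct horse"


def make_db():
    """Create an in-memory users table with one row; the insert itself is parameterized."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (email TEXT, password TEXT)")
    conn.execute("INSERT INTO users VALUES (?, ?)", (USER_EMAIL, USER_PASSWORD))
    return conn


def login_concatenated(conn, email, password):
    """Vulnerable form: the input is pasted into the SQL text, so a quote in the
    input closes the literal and whatever follows is parsed as SQL grammar."""
    query = ("SELECT COUNT(*) FROM users WHERE email = '" + email
             + "' AND password = '" + password + "'")
    return conn.execute(query).fetchone()[0] > 0


def login_parameterized(conn, email, password):
    """Safe form: the query is compiled with placeholders and the driver binds the
    values afterwards, so the input is compared as a string and never parsed."""
    query = "SELECT COUNT(*) FROM users WHERE email = ? AND password = ?"
    return conn.execute(query, (email, password)).fetchone()[0] > 0


if __name__ == "__main__":
    db = make_db()
    for email, password in [(USER_EMAIL, USER_PASSWORD),        # genuine credentials
                            ("", "abc' OR 1==1 --"),             # page's first payload
                            ("' or ''='", "' or ''='")]:         # page's second payload
        print(repr(password),
              "concatenated:", login_concatenated(db, email, password),
              "parameterized:", login_parameterized(db, email, password))
```

Only the genuine credentials pass the parameterized check, while both injected strings log in through the concatenated one.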