SQL injection is a technique for attacking web systems by taking advantage of vulnerable points where user input becomes part of a SQL statement. The attacker inserts a SQL statement that is run on our database without our knowledge or confirmation. For example, on a registration or login page of a web system, instead of entering the required information, the attacker enters a SQL statement and forces it to run on our database to get information from the database.
For example, let's take a SQL statement:
Select * from employee where first_name='"+first_name+"';
Here the user is asked to enter a first name. If the user enters first_name as pawan, then the SQL statement would be similar to Select * from employee where first_name='pawan';
But if the user enters first_name as pawan';drop table employee-- (the single quote after pawan closes the string literal), then the SQL statement would be similar to
Select * from employee where first_name='pawan';drop table employee--
Here the semicolon (;) denotes the end of one query and the start of another. The double hyphen (--) indicates that the rest of the current line is a comment and should be ignored. The modified code is syntactically correct, and hence it will be executed by the server. When SQL Server processes this statement, it will first select all records in employee where first_name is pawan. Then it will drop the employee table.
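The statement above, built by concatenation and then with a bound parameter, as an added example that is not part of the original post. It assumes Python's built-in sqlite3 module as a stand-in for SQL Server, a constructed two-row employee table, and the input pawan';drop table employee-- (with the quote that closes the string literal); the function names are hypothetical.

```python
import sqlite3

def make_db():
    """Build an in-memory employee table with constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE employee (first_name TEXT, dept TEXT)")
    db.executemany("INSERT INTO employee VALUES (?, ?)",
                   [("pawan", "eng"), ("asha", "ops")])
    return db

def table_exists(db):
    """Return True while the employee table is still present."""
    row = db.execute("SELECT count(*) FROM sqlite_master "
                     "WHERE type='table' AND name='employee'").fetchone()
    return row[0] == 1

def lookup_concatenated(db, first_name):
    """Vulnerable form from the article: input is spliced into the SQL text."""
    sql = "Select * from employee where first_name='" + first_name + "';"
    # executescript() runs every statement in the string, which mirrors a
    # server that accepts a batch of statements separated by semicolons.
    db.executescript(sql)
    return sql

def lookup_parameterized(db, first_name):
    """Hardened form: input is bound as a value and never parsed as SQL."""
    cur = db.execute("SELECT * FROM employee WHERE first_name = ?",
                     (first_name,))
    return cur.fetchall()

def demo():
    """Run the article's input through both forms and report the outcome."""
    payload = "pawan';drop table employee--"
    db1 = make_db()
    lookup_concatenated(db1, payload)
    db2 = make_db()
    rows = lookup_parameterized(db2, payload)
    return table_exists(db1), table_exists(db2), rows

if __name__ == "__main__":
    dropped_db, safe_db, rows = demo()
    print("table survives concatenated query:", dropped_db)
    print("table survives parameterized query:", safe_db)
    print("rows matched by parameterized query:", rows)
```

With the bound parameter the whole input is compared as a literal first name, so it matches no rows and the table is untouched.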