Tuesday, 18 November 2008

SQL Injection

SQL injection has three primary goals:

  1. Accessing information,
  2. Destroying data, and
  3. Modifying data.

Which goal the attacker pursues, and how likely each is, depends on the kind of organization running the database. The most common form of SQL injection is appending a tautology such as "OR 1=1" to an input field. Appending this clause to the end of a query's WHERE condition can make the whole condition evaluate to true.

For example, with a query such as:

  SELECT * FROM users WHERE username = 'administrator' AND password = 'password'

An attacker could append ' OR '' = ' to the password field, changing the SQL statement to:

  SELECT * FROM users WHERE username = 'administrator' AND password = 'password' OR '' = ''

Because AND binds more tightly than OR, the condition becomes (username matches AND password matches) OR ('' = ''), and the second half is always true. This could allow the attacker to bypass the database authentication.
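The following added example (not part of the original post) reproduces the bypass against a constructed in-memory SQLite table and shows the fix: a login that concatenates input into the SQL text returns the administrator row for the tautology payload, while the same query with bound parameters does not. The table contents, function names and the password value are assumptions made for the demonstration.

```python
import sqlite3

# Constructed sample database so the example runs offline.
def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT)")
    conn.execute("INSERT INTO users VALUES ('administrator', 's3cret')")
    conn.commit()
    return conn

def login_vulnerable(conn, username, password):
    """String concatenation: user input becomes part of the SQL text,
    so quote characters in the input are parsed as SQL syntax."""
    sql = ("SELECT * FROM users WHERE username = '" + username +
           "' AND password = '" + password + "'")
    return conn.execute(sql).fetchall()

def login_safe(conn, username, password):
    """Parameterized query: input is bound as a value and compared
    literally; it can never change the structure of the statement."""
    sql = "SELECT * FROM users WHERE username = ? AND password = ?"
    return conn.execute(sql, (username, password)).fetchall()

# The tautology from the post, entered into the password field.
PAYLOAD = "password' OR '' = '"

if __name__ == "__main__":
    db = make_db()
    print("vulnerable:", login_vulnerable(db, "administrator", PAYLOAD))
    print("safe:      ", login_safe(db, "administrator", PAYLOAD))
    print("safe, real: ", login_safe(db, "administrator", "s3cret"))
```

The concatenated statement ends up as `... password = 'password' OR '' = ''`, which matches every row; the bound version compares the password column against the whole payload string and finds nothing.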
