Tuesday, September 18, 2007

Heard about SQL Injection !!!

What is SQL Injection??
SQL Injection is one of the many web attack mechanisms. As a result data from organizations are stolen by Hackers. It is an application layer attack techniques used nowadays. It is the type of attack that takes advantage of falulty coding of web applications that allows hacker to inject SQL commands into say a login form to allow them to gain access to the data held within your database.

SQL Injection is the hacking technique which attempts to pass SQL commands (statements) through a web application for execution by the backend database. If not guarded properly, web applications may result in SQL Injection attacks that allow hackers to view information from the database and/or even wipe it out.

A simple instance;
Take for instance, a simple login page where a valid user would enter his username and password to view his personal details or upload his comments in a forum.
What actually happens When the legitimate user submits his details.... Once the user input data, an SQL query is generated from these details and submitted to the database for verification. If a match is found, the user is allowed access. In other words, the web application that controls the login page will communicate with the database through a series of pre-defined commands so as to verify the username and password combination. On verification, the legitimate user is granted appropriate access.


Through SQL Injection, the hacker may input specifically manipulated SQL commands with the intent of bypassing the login form barrier and seeing what lies behind it. This is only possible if the inputs are not properly sanitised (i.e., made invulnerable) and sent directly with the SQL query to the database. SQL Injection vulnerabilities provide the means for a hacker to communicate directly to the database
The impact of SQL Injection could be of the following;

An attacker may execute arbitrary SQL statements on the vulnerable system. This may compromise the integrity of your database and/or expose sensitive information. Depending on the back-end database in use, SQL injection vulnerabilities may lead to varying levels of data/system access for the attacker. It may also be possible to manipulate existing queries, to UNION (used to select related information from two tables) arbitrary data, use subselects, or append additional queries.
Thus, If an attacker can obtain access to your database, it could spell disaster.

Unfortunately the impact of SQL Injection is only uncovered when the theft is discovered.......


No comments: