SQL Injection Walkthrough

If you already know what SQL Injections are and do, you may want to skip the first paragraph of this guide as it is bringing everyone else up to speed. Wikipedia defines SQL injections in the following way: SQL injection is a security vulnerability that occurs in the database layer of an application. Its source is the incorrect escaping of dynamically-generated string literals embedded in SQL statements. It is in fact an instance of a more general class of vulnerabilities that can occur whenever one programming or scripting language is embedded inside another.

What does it mean in plain English? Attackers try to inject code in to websites by finding loopholes in scripts that run on the site. This can be a form on the website or any other script running on it that is not properly protected from these kind of injections.

The article "SQL Injection Walkthrough" helps you identify vulnerable scripts and explains the methods to test, verify and exploit those vulnerabilities. After reading the article you will have a basic understanding of the techniques used by attackers and if you follow the links given at the end you can dive deeper into the topic.

The guide is divided into the following chapters:

• What is SQL Injection
• What should you look for
• What if you can't find any page that takes input?
• How do you test if it is vulnerable?
• But why ' or 1=1-?
• How do I get remote execution with SQL injection
• How to get output of my SQL query?
• How to get data from the database using ODBC error message
• How to mine all column names of a table
• How to retrieve any data we want?
• How to get numeric string value?
• How to update/insert data into the database
• How to avoid SQL injection?
• Where to get more information

While being an introduction to SQL Injections, it is recommended to have at least some programming experience, as it makes it a lot easier to follow the guide since code examples are frequently used in the guide to explain the concepts. It should not be too difficult but basic understanding of SQL helps a lot.