SQL Injection Walkthrough

Martin Brinkmann
May 16, 2006
Updated • May 5, 2013
Security

If you already know what SQL injections are and what they do, you may want to skip the first paragraph of this guide, as it brings everyone else up to speed. Wikipedia defines SQL injection in the following way: "SQL injection is a security vulnerability that occurs in the database layer of an application. Its source is the incorrect escaping of dynamically-generated string literals embedded in SQL statements. It is in fact an instance of a more general class of vulnerabilities that can occur whenever one programming or scripting language is embedded inside another."

What does it mean in plain English? Attackers try to inject code into websites by finding loopholes in scripts that run on the site. This can be a form on the website or any other script running on it that is not properly protected from these kinds of injections.
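The definition above, shown as an added example (not code from this post or from the walkthrough it describes): the same lookup written once with the input pasted into a string literal and once with a bound parameter, using Python's standard-library sqlite3 module. The table, its rows and the function names are constructed for illustration.

```python
import sqlite3


def make_db():
    """Build an in-memory table of constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE products (name TEXT, hidden INTEGER)")
    db.executemany(
        "INSERT INTO products VALUES (?, ?)",
        [("widget", 0), ("gadget", 0), ("internal-only", 1)],
    )
    return db


def search_vulnerable(db, term):
    # The input is pasted into the string literal, so a quote inside `term`
    # ends the literal early and the remainder is parsed as SQL.
    sql = "SELECT name FROM products WHERE hidden = 0 AND name = '" + term + "'"
    return sorted(row[0] for row in db.execute(sql))


def search_parameterized(db, term):
    # The statement text is fixed; the driver passes `term` as data only.
    sql = "SELECT name FROM products WHERE hidden = 0 AND name = ?"
    return sorted(row[0] for row in db.execute(sql, (term,)))


def raises_syntax_error(search, db, term):
    """True if the database rejects the statement built for `term`."""
    try:
        search(db, term)
    except sqlite3.OperationalError:
        return True
    return False


if __name__ == "__main__":
    db = make_db()
    for term in ("widget", "it's", "' or 1=1--"):
        for search in (search_vulnerable, search_parameterized):
            if raises_syntax_error(search, db, term):
                print(search.__name__, repr(term), "-> SQL syntax error")
            else:
                print(search.__name__, repr(term), "->", search(db, term))
```

A database syntax error triggered by a lone quote in user input is the symptom that shows the input reaches the SQL parser; with the bound parameter the same input is simply a name that matches no row.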

The article "SQL Injection Walkthrough" helps you identify vulnerable scripts and explains the methods to test, verify and exploit those vulnerabilities. After reading the article you will have a basic understanding of the techniques used by attackers and if you follow the links given at the end you can dive deeper into the topic.

The guide is divided into the following chapters:

  • What is SQL Injection
  • What should you look for
  • What if you can't find any page that takes input?
  • How do you test if it is vulnerable?
  • But why ' or 1=1-?
  • How do I get remote execution with SQL injection
  • How to get output of my SQL query?
  • How to get data from the database using ODBC error message
  • How to mine all column names of a table
  • How to retrieve any data we want?
  • How to get numeric string value?
  • How to update/insert data into the database
  • How to avoid SQL injection?
  • Where to get more information

Although the guide is an introduction to SQL injection, at least some programming experience is recommended, since code examples are used frequently to explain the concepts. It should not be too difficult to follow, but a basic understanding of SQL helps a lot.


Comments

  1. rudi said on May 24, 2006 at 5:45 am

    Can my website be hacked if I send [‘ or “1”=”1″–]? The server responds:
    Microsoft OLE DB Provider for ODBC Drivers error ‘80040e14’
    [Microsoft][ODBC SQL Server Driver][SQL Server]Line 1: Incorrect syntax near ‘1’.
    /search.asp, line 166

    But when I try to insert many SQL injections, it does not respond with anything.
    Please help me with how to hack this!
    Thanks
