SQL Injection Attacks by Example

Martin Brinkmann
Jun 6, 2006
Updated • May 6, 2013

SQL injection is a form of attack on the Internet that exploits security vulnerabilities in the database layer of an application. Its source is the incorrect escaping of dynamically generated string literals embedded in SQL statements. It is in fact an instance of a more general class of vulnerabilities that can occur whenever one programming or scripting language is embedded inside another.

In essence, it can give an attacker the means to manipulate the database of the service or retrieve information from it, something which no one without proper authorization should be able to do. It is therefore of utmost importance that web developers protect their applications against this form of attack by making sure that everything is properly escaped.
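The difference between an unescaped string literal and a safely handled one, shown as an added example that is not taken from this post or from the paper. It uses Python's `sqlite3` with bound parameters in place of manual escaping; the `members` table, its `email` column, the function names and all sample values are assumptions constructed for the illustration.

```python
import sqlite3


def make_db():
    """In-memory database with constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE members (email TEXT)")
    db.executemany(
        "INSERT INTO members VALUES (?)",
        [("alice@example.com",), ("bob@example.com",)],
    )
    return db


def lookup_concatenated(db, email):
    """Vulnerable: the input is pasted into the string literal unescaped."""
    sql = "SELECT email FROM members WHERE email = '" + email + "'"
    return [row[0] for row in db.execute(sql)]


def lookup_parameterized(db, email):
    """Hardened: the driver binds the value, so it never becomes SQL syntax."""
    sql = "SELECT email FROM members WHERE email = ?"
    return [row[0] for row in db.execute(sql, (email,))]


def compare(email):
    """Run both lookups; report a SQL error as a string instead of raising."""
    db = make_db()
    try:
        unsafe = lookup_concatenated(db, email)
    except sqlite3.OperationalError as exc:
        unsafe = "error: " + str(exc)
    return unsafe, lookup_parameterized(db, email)


if __name__ == "__main__":
    # Constructed inputs: a normal address, a legitimate value containing an
    # apostrophe, and a value whose quote closes the literal early.
    for value in ("alice@example.com", "o'brien@example.com", "x' OR 'x'='x"):
        print(repr(value), "->", compare(value))
```

The apostrophe case is the useful signal for a developer or reviewer: a database error triggered by an ordinary name means the input is reaching the SQL parser as code, not as data.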

SQL Injection Attacks by Example gives you a detailed view of how experts used the technique to break into systems of companies that hired them to perform security tests on company networks or properties.

There have been other papers on SQL injection, including some that are much more detailed, but this one shows the rationale of discovery as much as the process of exploitation.

The example is organized into the following sections.

  • The Target Intranet
  • Schema field mapping
  • Finding the table name
  • Finding some users
  • Brute-force password guessing
  • The database isn't read-only
  • Adding a new member
  • Mail me a password
  • Other approaches
  • Mitigation
  • Resources

A customer asked that we check out his intranet site, which was used by the company's employees and customers. This was part of a larger security review, and though we'd not actually used SQL injection to penetrate a network before, we were pretty familiar with the general concepts. We were completely successful in this engagement, and wanted to recount the steps taken as an illustration.

This step-by-step guide can be useful for getting a basic understanding of how security experts analyze a network, website or computer system. In this instance, it details how a security company successfully managed to gain access using SQL injections. The chapter about mitigating the attack can be especially helpful to system and web administrators who want to learn about ways to protect their properties against this form of attack.

