What is SQL Injection?
SQL Injection is the process in which an end user is able to 'inject' SQL commands into an input and have them execute on the server. This typically happens on badly coded websites where inputs are not escaped before being placed in SQL queries. Depending on the type of query initially used and the injected term, it is possible to manipulate an application to either provide administrative access or remove user data.
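The difference between a query built from unescaped input and one that keeps input as data is shown below. This is an added example, not code from the original page; the `users` table, the function names and the sample values are constructed for illustration, and SQLite stands in for whatever database the site uses.

```python
import sqlite3

def make_db():
    """Build an in-memory database with constructed sample users.
    Passwords are plain text only to keep the sample short."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT, password TEXT, is_admin INTEGER)")
    db.executemany(
        "INSERT INTO users VALUES (?, ?, ?)",
        [("admin", "s3cret-admin", 1), ("alice", "alice-pw", 0)],
    )
    return db

def login_vulnerable(db, name, password):
    """Unsafe: input is pasted into the SQL text, so a quote character
    in the input can end the string literal and alter the query."""
    query = (
        "SELECT name, is_admin FROM users "
        "WHERE name = '" + name + "' AND password = '" + password + "'"
    )
    return db.execute(query).fetchone()

def login_parameterized(db, name, password):
    """Safe: placeholders send the input separately from the SQL text,
    so it is only ever compared as a value."""
    query = "SELECT name, is_admin FROM users WHERE name = ? AND password = ?"
    return db.execute(query, (name, password)).fetchone()

# Constructed input: the leading quote closes the password literal and the
# remainder is parsed as an extra condition that is always true.
CRAFTED_PASSWORD = "' OR '1'='1"

if __name__ == "__main__":
    db = make_db()
    for label, fn in (("vulnerable", login_vulnerable),
                      ("parameterized", login_parameterized)):
        print(label, "correct password:", fn(db, "admin", "s3cret-admin"))
        print(label, "crafted password:", fn(db, "admin", CRAFTED_PASSWORD))
```

With the concatenated query the crafted value returns a row without the real password; with placeholders the same value matches nothing.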
Types of attack
While the injection method is typically the same, the results can differ drastically depending on the intended target. The main types are discussed below:
- Privilege escalation - the most commonly used kind of exploit typically entails a user being able to log in as an administrator. This typically involves using the database schema and finding a user with an administrative entitlement.
- Arbitrary database updates - it is possible to update database contents relatively unnoticed in order to create a problem in the long term, such as when it comes to financial reporting from sales, etc.
- Data loss - the most severe form of SQL injection typically involves the loss of data, either by dropping a table (as per our group name) or by removing all data from a table but leaving the table in situ. The latter is typically less obvious to an application operator who may not monitor data consistency.