OWASP WebGoat Series - SQL Injection

OWASP SQLi

SQL Injection

SQL Injection is the most common web application security risk. To understand how to perform it, we first need to understand what it is. According to OWASP WebGoat, “a SQL Injection attack consists of insertion or ‘injection’ of malicious code via the SQL query input from the client to the application”. SQL Injection happens when unfiltered data from the client (e.g. the address bar or an input field) gets into the SQL interpreter of the application. Hackers can take advantage of this by manipulating the SQL statement.

Basic query to retrieve the user information from a database:

"SELECT * FROM users WHERE name = '" + userName + "'";

The variable userName holds the input from the client and “injects” it into the query. For example, if the client submits Cruz, the statement becomes:

"SELECT * FROM users WHERE name = 'Cruz'";
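The concatenated query above beside a parameterized version, as an added example (not code from the original post or from WebGoat). It uses Python's sqlite3 with an in-memory table; the table rows, function names and test inputs are constructed for illustration.

```python
import sqlite3

def make_db():
    """Build an in-memory users table with constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT, role TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?)",
                   [("Cruz", "user"), ("O'Brien", "user"), ("admin", "admin")])
    return db

def find_user_concat(db, user_name):
    """The page's pattern: client input is pasted into the SQL text itself."""
    query = "SELECT * FROM users WHERE name = '" + user_name + "'"
    return db.execute(query).fetchall()

def find_user_param(db, user_name):
    """Hardened form: the driver binds the input as a value, never as SQL."""
    return db.execute("SELECT * FROM users WHERE name = ?",
                      (user_name,)).fetchall()

def compare(user_name):
    """Return (concat_result, param_result); a SQL error becomes a string."""
    db = make_db()
    try:
        concat = find_user_concat(db, user_name)
    except sqlite3.Error as exc:
        # A quote in the data ended the string literal early and broke the SQL.
        concat = "error: " + type(exc).__name__
    return concat, find_user_param(db, user_name)

if __name__ == "__main__":
    # Constructed inputs: a plain name, a legitimate name containing a quote,
    # and a value whose quote turns the rest of the input into SQL syntax.
    for value in ["Cruz", "O'Brien", "x' OR '1'='1"]:
        concat, param = compare(value)
        print(repr(value))
        print("  concatenated :", concat)
        print("  parameterized:", param)
```

With the bound parameter, the third input is compared as a literal name and matches nothing, and the legitimate name O'Brien is found instead of causing a syntax error.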

Here are some basic examples of how to perform an attack:

Effects of SQL Injections

The consequences of a SQL Injection can be detrimental to a business. A successful SQL Injection can give a hacker the ability to exploit the database by:

SQL Injection attacks give hackers the power to carry out a variety of attacks. This can include, but is not limited to: