Scribd Logo
Upload

Welcome to Scribd!

  • The SQL Injection Technique: Fawaz Ahmad

    Uploaded by

    fawaz.gumbat
    35 views2 pages
    The document discusses SQL injection, a cybersecurity threat where malicious code is injected into a web page's SQL statement. Attackers use SQL injection to access and manipulate vulnerable databases, allowing them to steal user data, delete tables, alter balances, and gain administrative access. SQL injection works by exploiting vulnerabilities in an application's coding to submit a crafted SQL query that reveals database structure and secured information. It poses a threat both to organizations and their users by enabling theft of personal details like logins and PII.

    Original Description:

    SQL Injection

    Original Title

    SQL Injection

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    The document discusses SQL injection, a cybersecurity threat where malicious code is injected into a web page's SQL statement. Attackers use SQL injection to access and manipulate vulnerable databases, allowing them to steal user data, delete tables, alter balances, and gain administrative access. SQL injection works by exploiting vulnerabilities in an application's coding to submit a crafted SQL query that reveals database structure and secured information. It poses a threat both to organizations and their users by enabling theft of personal details like logins and PII.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    35 views2 pages

    The SQL Injection Technique: Fawaz Ahmad

    Uploaded by

    fawaz.gumbat
    The document discusses SQL injection, a cybersecurity threat where malicious code is injected into a web page's SQL statement. Attackers use SQL injection to access and manipulate vulnerable databases, allowing them to steal user data, delete tables, alter balances, and gain administrative access. SQL injection works by exploiting vulnerabilities in an application's coding to submit a crafted SQL query that reveals database structure and secured information. It poses a threat both to organizations and their users by enabling theft of personal details like logins and PII.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 2

    The SQL Injection technique

    Fawaz Ahmad

    In today's world, cyber threats and attacks are used to corrupt or steal a person's personal
    information from a large amount of data from many lines of industry. It is now required to defend
    databases against security-related threats all across the world. SQL injection is a well-known and
    very vulnerable threat that can compromise any organization's database, whether it's a private
    company or the government, by injecting code into a web page. Applications are targeted with
    this code injection technique. A SQL statement will be injected in such a way that ALWAYS TRUE
    is used as a constraint. It is an overview to provide an overview of a prevalent cyber security
    threat known as " SQL Injection."
    Websites have become the most important aspect of our life in modern century. We enter a
    variety of personal data into these websites, which is recorded in a database. We can use the
    network to access it from anywhere. As a result, attackers were able to steal data from vulnerable
    web pages. The acronym SQL stands for structured query language, and it's pronounced se-qual.
    This language was created primarily to deal with relational databases. Query is used to input data,
    edit the database, and access the required data on its own for data manipulation. Here comes
    the injection, which is carried out using a SQL query as part of the data manipulation process.
    SQL injection is performed by using a structured query that instigates the desired response. The
    response is essential for the attacker to understand the database architecture and to access the
    secured information of the application.

    A bad actor hacker performs an SQL injection to delete data or tables from the database
    Attackers use SQL injection to alter or update data in the database and add additional data. For
    instance, in the case of a financial application, an attacker can use SQL injection to change
    account balances. Even worse, attackers can gain administrative rights to an application
    database. The most common risk of an SQL injection attack is the theft of user data. Email
    addresses, login credentials, and personally identifiable information (PII) can be stolen and sold
    on the dark web. Therefore, a successful SQL injection poses a threat not only to the organization
    but also its users.

    References:
    1. https://www.researchgate.net/publication/316886377_A_study_on_SQL_injection_techniques

    You might also like