SQL Injection Techniques

OBJECTIVE

In this chapter you will learn:

About injection
Example of injection

 

About injection

SQl injection is a technique used by hackers to steal or hack data. Hackers inject their owm SQL command in SQl statements and alter the real statement. Through this technique malicious users can attack on user’s data of SQL statements via web page and alter it. It is based on 1=1 which is laways true and retrieve all rows of table.

Example of injection

If there is nothing to prevent wrong entry then user can use a very smart technique as-
User id 1=1

It is valid and always return the value true so you can check it that write the statement as-
select * from table_name where userid= value or 1=1
SUMMARY

In this chapter you have learned about SQl injection technique. In the next chapter you will get some storing data exercise.


Leave a Reply

Your email address will not be published. Required fields are marked *