SQL Injection Techniques

In this chapter you will learn:
About injection
Example of injection

About injection

SQl injection is a technique used by hackers to steal or hack data. Hackers inject their owm SQL command in SQl statements and alter the real statement. Through this technique malicious users can attack on user's data of SQL statements via web page and alter it. It is based on 1=1 which is laways true and retrieve all rows of table.

Example of injection

If there is nothing to prevent wrong entry then user can use a very smart technique as-
User id 1=1

It is valid and always returns the value true so you can check it that write the statement as-

select * from table_name where userid= value or 1=1

SUMMARY

In this chapter, you have learned about SQL injection technique. In the next chapter you will get some storing data exercise.

 

Share your thought