SQL Injection is a code-based vulnerability that allows an attacker to read and access sensitive data from the database. Attackers can bypass security measures of applications and use SQL queries to modify, add, update, or delete records in a database. A successful SQL injection attack can badly affect websites or web applications using relational databases such as MySQL, Oracle, or SQL Server. In recent years, there have been many security breaches that resulted from SQL injection attacks.
Types of SQL Injection
In-band SQLi - The attackers use the same communication channel to launch their attacks and collect results.
The two common types of in-band SQL injections are Error-based SQL injection and Union-based SQL injection.
Error-based SQL injection - Here, the attacker performs certain actions that cause the database to generate error messages. Using the error message, you can identify what database it utilizes, the version of the server where the handlers are located, etc.
Union-based SQL injection - Here, the UNION SQL operator is used in combining the results of two or more select statements generated by the database, to get a single HTTP response. You can craft your queries within the URL or combine multiple statements within the input fields and try to generate a response.
Blind SQLi - Here, it does not transfer the data via the web application. The attacker can not see the result of an attack in-band.
Boolean-based SQL Injection - Here, the attacker will send an SQL query to the database asking the application to return a different result depending on whether the query returns True or False.
Time-based SQL Injection - In this attack, the attacker sends an SQL query to the database, which makes the database wait for a particular amount of time before sharing the result. The response time helps the attacker to decide whether a query is True or False.
Out-of-bound SQL Injection - Out-of-bound is not so popular, as it depends on the features that are enabled on the database server being used by the web applications. It can be like a misconfiguration error by the database administrator.
Types of SQL Injection
In-band SQLi - The attackers use the same communication channel to launch their attacks and collect results.
The two common types of in-band SQL injections are Error-based SQL injection and Union-based SQL injection.
Error-based SQL injection - Here, the attacker performs certain actions that cause the database to generate error messages. Using the error message, you can identify what database it utilizes, the version of the server where the handlers are located, etc.
Union-based SQL injection - Here, the UNION SQL operator is used in combining the results of two or more select statements generated by the database, to get a single HTTP response. You can craft your queries within the URL or combine multiple statements within the input fields and try to generate a response.
Blind SQLi - Here, it does not transfer the data via the web application. The attacker can not see the result of an attack in-band.
Boolean-based SQL Injection - Here, the attacker will send an SQL query to the database asking the application to return a different result depending on whether the query returns True or False.
Time-based SQL Injection - In this attack, the attacker sends an SQL query to the database, which makes the database wait for a particular amount of time before sharing the result. The response time helps the attacker to decide whether a query is True or False.
Out-of-bound SQL Injection - Out-of-bound is not so popular, as it depends on the features that are enabled on the database server being used by the web applications. It can be like a misconfiguration error by the database administrator.
