SQL Injection
Many web developers are unaware of how SQL queries can be tampered with, and assume that an SQL query is a trusted command. It means that SQL queries are able to circumvent access controls, thereby bypassing standard authentication and authorization checks, and sometimes SQL queries even may allow access to host operating system level commands.
Direct SQL Command Injection is a technique where an attacker creates or alters existing SQL commands to expose hidden data, or to override valuable ones, or even to execute dangerous system level commands on the database host. This is accomplished by the application taking user input and combining it with static parameters to build an SQL query. The following examples are based on true stories, unfortunately.
Owing to the lack of input validation and connecting to the database on behalf of a superuser or the one who can create users, the attacker may create a superuser in your database.
More info: PHP: SQL Injection - Manual
Better Article: #-Link-Snipped-#
Direct SQL Command Injection is a technique where an attacker creates or alters existing SQL commands to expose hidden data, or to override valuable ones, or even to execute dangerous system level commands on the database host. This is accomplished by the application taking user input and combining it with static parameters to build an SQL query. The following examples are based on true stories, unfortunately.
Owing to the lack of input validation and connecting to the database on behalf of a superuser or the one who can create users, the attacker may create a superuser in your database.
More info: PHP: SQL Injection - Manual
Better Article: #-Link-Snipped-#
Replies
-
slashfearHey buddy!!
Check out my video which illustrates the power of sql injection (done it when I free.....) : #-Link-Snipped-#
-Arvind -
PraveenKumar Purushothaman
+100 Its an awesome cool video buddy... Hats off... ๐slashfearHey buddy!!
Check out my video which illustrates the power of sql injection (done it when I free.....) : #-Link-Snipped-#
-Arvind -
slashfear
Thanks Buddy!! ๐praveenscience+100 Its an awesome cool video buddy... Hats off... ๐ -
PraveenKumar Purushothaman
Actually it deserves a lot!!! But, now-a-days, even trying harder, couldn't get any site hacked... Why so?slashfearThanks Buddy!! ๐ -
slashfear
we can still hack websites but you have to know how to find the weakness of the website and the language used for creating the website.... Ok we are not going to go deep n this topic buddy I dont wanna turn this place as hacking tutorial.... Biggie will get mad i guess ๐praveenscienceActually it deserves a lot!!! But, now-a-days, even trying harder, couldn't get any site hacked... Why so?
-Arvind -
PraveenKumar Purushothaman
He he... ๐ Yeah, oki... Lets stop it here... ๐slashfearwe can still hack websites but you have to know how to find the weakness of the website and the language used for creating the website.... Ok we are not going to go deep n this topic buddy I dont wanna turn this place as hacking tutorial.... Biggie will get mad i guess ๐
-Arvind -
Priya VasThe whole content copied form #-Link-Snipped-#, stop copying
-
PraveenKumar Purushothaman
I seriously don't understand, if you have read the whole content fully. If yes, you would have noticed that I gave a glance from that page and asked the users to read more at #-Link-Snipped-#Priya VasThe whole content copied form #-Link-Snipped-#, stop copying
You are reading an archived discussion.
Related Posts
There are moments when I really hate technology and wish if we had never invented computers, mobile phones, tablets, Internet, television and so on. Technology advancements have turned me into...
The Japanese Skelectonics have developed this exoskeleton that doesn't use motors or hydraulics as you'd expect. Yet, it's capable of doing lot of things as you'll see in following video....
Google Maps Beta Google Maps Navigation for mobile will now automatically track the traffic on your routes and then find you the best alternative way.
Check out details here: Youโve...
Sumeet Anand is the founder of Kreeo that works in Enterprise 2.0 and collective intelligence domain. Following video by Sumeet shows a story of a startup from 'start' to 'success'....
From the release of iPad until now has been almost one week. Many people are thinking about whether to buy a new iPad. iPad 2 will debut on March 11....