Thursday , September 20 2018
Home / IT Security / SQL Injection

SQL Injection

Protecting Cookies

Protecting Cookies

Protecting Cookies: Since cookies are an integral part of the web applications, it is important to understand the methods that can be used to secure them properly. While the developers of an application is ultimately he only person who can make changes to secure cookies in most cases, it is …

Read More »

Databases and Technology

Databases and Technology

Databases & Technology: One key reason why computers are installed is for their ability to store, access, and modify data. The primary tool for data management is the database. Databases have become increasingly sophisticated, and their capabilities have grown dramatically over the last 10 years. This growth has created opportunities …

Read More »

SQL: Bypassing Authentication

SQL: Bypassing Authentication

We can now construct a valid SQL statement that will execute gracefully and retrieve information that we have no rights to retrieve. Bypassing Authentication We know we are dealing with a string column because of the quotes being applied to our input, so we can either the 1=1 or ‘a’=’a …

Read More »

SQL INJECTION ATTACKS: Finding the Vulnerability

SQL INJECTION ATTACKS: Finding the Vulnerability

SQL Injection Attacks: Now that we have the basics of SQL injection down, let’s use our DVWA environment to try it out on a vulnerable page. We have a couple of goals for this section: Crash the application to prove that our input dictates the applications behavior. Retrieve usernames from …

Read More »

The SQL Interpreter

The SQL Interpreter

SQL Interpreter: One of the main aspects of this vulnerability that you must understand is that it leverages an SQL interpreter. An interpreter takes input and acts on it immediately without having to go through traditional programming processes such as linking, compiling, debugging, and running. For example, an SQL interpreter …

Read More »

SQL for Hackers: Learn How Useful SQL

SQL for Hackers

SQL for Hackers: Learn How Useful SQL : As an attacker, it is critical to gain an understanding on how this query is constructed and what exact parts of the query you are in control of. The query is broken out into three distinct parts. SELECT * FROM shoes WHERE …

Read More »