Welcome to www.programmer2programmer.net Its all about security programming source code


 Microsoft Certification
 Final Year Project Idea
 Connection Strings
 Password Recovery
 SQL Injection
 Encryption & Decryption
 LIVE Academic Project
 Project #1 - VB6, Access
  Project #2 - VB.Net, SQL
 Project #3 - ASP, Access
 Project #4 - ASP.NET, C#
 Project #5 - VB6, SQL
 Project #6 - Stegano
 Project #7 - C
 Project #8 - C++
 Project #9 - JAVA, MySQL
 Project #10- PHP, MySQL
 Project #11- JSP, Oracle
 Project #12- C# Face Exp
 Project #13- Mobile Bank
 Download MBA Project
 MBA Project Topic
 Project Viva Question
  2018 New Projects
 Project Synopsis Download
 University Question Paper, Assignment and Projects
 SMU - Question Paper
 SMU - Assignment
 SMU - Synopsis Projects
 SCDL - Assignment
 IGNOU - Synopsis Projects
 Welingkar - Projects
 Project Report Formats
 Interview Question Answer
 General & HR Round
 Visual Basic 6
 VB.Net & C#
 SQL Server
  Oracle and DBA

100% Tested
Ready Academic IT Projects


 What is SQL Injection? Basic SQL Injection, Database Layer hacking technique, SQL Injection attacks.

Home Personal Member Forum Source Project Tips Contact

SQL Injection - Exploits a security vulnerability

What is SQL Injection?

1. What is SQL Injection

SQL Injection the most popular method to pass SQL command deliberately from input filed in application.  As a developer you should know how to prevent your application from SQL Injection.

SQL Injection is one of the many web attack mechanisms used by hackers to steal data from organizations. It is perhaps one of the most common application layer attack techniques used today. It is the type of attack that takes advantage of improper coding of your web applications that allows hacker to inject SQL commands into say a login form to allow them to gain access to the data held within your database.

2. SQL Injection by Example
3. Advanced SQL Injection
4. Preventing SQL Injection

Which part of your application is in threat for SQL Injection?
SQL Injection is the hacking technique which attempts to pass SQL commands and SQL queries (statements) through a web application or desktop application for execution by the backend database. If not sanitized properly, web applications may result in SQL Injection attacks that allow hackers to view information from the database and/or even wipe it out.

Such features as login pages, support and product request forms, feedback forms, search pages, shopping carts and the general delivery of dynamic content, shape modern websites and provide businesses with the means necessary to communicate with prospects and customers. These website features are all examples of web applications which may be either purchased off-the-shelf or developed as bespoke programs.

These website features are all susceptible to SQL Injection attacks which arise because the fields available for user input allow SQL statements to pass through and query the database directly.

Basic SQL Injection, power of 'T'='T'
Most login page is ask for User Name and Password from the user. User type the user name and password in the login form and submit for authenticate. System query the database with supplied user name and password if it found in the database it authenticate the user otherwise it show login fail message. When we submit the login page most login page will pass query to database like.

    select * from user_master where user_name='" & TxtUserName.Text & "' and
    user_password ='" & TxtPassword.Text & "'"

If we type User Name as ANYUSER and Password as ANYPASS then actual query look like.

    select * from user_master where user_name='ANYUSER' and
    user_password ='ANYPASS'

It will not work as there is no such user name and password in the table user_master. and it will show login fail message. Now just change your password and type   ANYPASS' or 'T' = 'T    and submit the page again. This time the query look like.

    select * from user_master where user_name='ANYUSER' and
    user_password ='ANYPASS' or 'T' = 'T'

Now it works and you are able to login the page without knowing the user name and password. How it was happen. the query will always return all records from the database because 'T' = 'T' always True.

What are the SQL command you can pass
If the underlying database supports multiple command in single line, then you can pass any valid DML, DCL and DDL command through SQL injection. for example following command will drop user_master table from the database. For example type in password box ANYPASS' ; drop table user_master --   and submit the page again. this time underlying query looks like.

    select * from user_master where user_name='ANYUSER' and
    user_password ='ANYPASS' ; drop table user_master -- '

Now it drop the user_master table from the database. In this case we pass drop table command along with password. -- two dash is comment for SQL no other code will be executed after that. If you know the table structure then you can Insert and update the record as well through SQL Injection.


Next 2.  SQL Injection by Example
(C) Atanu Maity, 2006-2018