SQL Injection

What Does SQL Injection Mean?

An SQL injection is a computer attack in which malicious code is embedded in a poorly-designed application and then passed to the backend database. The malicious data then produces database query results or actions that should never have been executed.

Advertisements

Techopedia Explains SQL Injection

Let’s go through an example of a SQL injection attack:

An application running a bank’s operations contains menus that may be used to search for customer details using data points such as the customer’s Social Security number. In the background the application calls an SQL query that runs in the database by passing the entered search values as follows:

SELECT client_name, telephone, address, date_of_birth WHERE social_sec_no=23425

In this sample script, the user enters the 23425 value in the application menu window, requesting the user to enter the Social Security number. Then, using the value provided by the user, an SQL query runs in the database.

A user with SQL knowledge may understand the application and, instead of entering a single value when asked for the Social Security number, enter the string “23425 or 1=1,” which is passed to the database as follows:

SELECT client_name, telephone, address, date_of_birth WHERE social_sec_no=23425 or 1=1

The WHERE clause is important because it introduces vulnerability. In a database, the condition 1=1 is always true, and because the query has been specified to return client Social Security number details (23425) or WHERE 1=1, the query will return all rows in the table, which was not the original intention.

The above SQL injection attack example is simple, but it shows how exploiting a vulnerability to trick the application into running a backend database query or command.

SQL injection attacks can be mitigated by ensuring proper application design, especially in modules that require user input to run database queries or commands. In the above example, the application could be changed so that it accepts one numeric value only.

Advertisements

Related Terms

Latest Cybersecurity Terms

Related Reading

Margaret Rouse

Margaret Rouse is an award-winning technical writer and teacher known for her ability to explain complex technical subjects to a non-technical, business audience. Over the past twenty years her explanations have appeared on TechTarget websites and she's been cited as an authority in articles by the New York Times, Time Magazine, USA Today, ZDNet, PC Magazine and Discovery Magazine.Margaret's idea of a fun day is helping IT and business professionals learn to speak each other’s highly specialized languages. If you have a suggestion for a new definition or how to improve a technical explanation, please email Margaret or contact her…