SQL Injection Vulnerabilities

Databases and the structured query language

A database is designed to store data in an understandable and easily accessible way. Data is organized into tables, rows and columns, making it easy to find a particular value within a database if you know where to look.

The structured query language (SQL) is designed to make data within a database easy to access and modify. SQL queries describe where to look for a particular piece of data, the parameters that identify the particular pieces of data that the user wants and what to do with the data once it is found.

The dangers of untrusted input in SQL

While SQL is a very useful tool, it can also be dangerous. The reason for this is that, in many contexts, an SQL query is designed to use untrusted data provided by a user. For example, a website may store a user’s account data in a database. To access their data, the user provides a username and password, which are compared to a copy stored within the database. If the credentials match, then the user can access other information stored in the database for their account.

The use of untrusted data in SQL queries is dangerous because of how SQL queries are structured and how they are commonly used. Like statements in many languages, SQL queries intermingle commands and data. For example, SELECT * FROM cust WHERE id=X is an SQL command looking for a record with a particular user identifier. Everything but the value X is provided by the developer to describe the desired action, while a user provides the id value of X to point to their particular record.

This becomes a problem if a user provides an input designed to change the meaning (Read more...)
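The following is an added example, not code from the original post. It runs the query SELECT * FROM cust WHERE id=X against an in-memory SQLite database, once built by string concatenation and once with a bound parameter, to show that the same input is parsed as command text in the first case and compared as a plain value in the second. The name column, the sample rows, the crafted input and the function names are assumptions made for the illustration.

```python
import sqlite3


def make_db():
    # Constructed sample data. "cust" and "id" follow the query in the text;
    # the "name" column and the three rows are assumptions.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE cust (id INTEGER, name TEXT)")
    db.executemany("INSERT INTO cust VALUES (?, ?)",
                   [(1, "alice"), (2, "bob"), (3, "carol")])
    return db


def lookup_concatenated(db, user_id):
    # Vulnerable pattern: the user's value is pasted into the command text,
    # so the database parses it as SQL rather than as a single value.
    query = "SELECT * FROM cust WHERE id=" + user_id
    return db.execute(query).fetchall()


def lookup_parameterized(db, user_id):
    # Hardened pattern: the command text is fixed and the value is bound
    # separately, so it is only ever compared against the id column.
    return db.execute("SELECT * FROM cust WHERE id=?", (user_id,)).fetchall()


def demo():
    db = make_db()
    crafted = "2 OR 1=1"  # constructed input that changes the query's meaning
    return {
        "concat_normal": lookup_concatenated(db, "2"),
        "concat_crafted": lookup_concatenated(db, crafted),
        "param_normal": lookup_parameterized(db, "2"),
        "param_crafted": lookup_parameterized(db, crafted),
    }


if __name__ == "__main__":
    for label, rows in demo().items():
        print(f"{label:15} -> {rows}")
```

With the concatenated query the crafted value returns every row in the table; with the bound parameter it matches no record at all, while the ordinary value "2" returns the same single row in both versions.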

*** This is a Security Bloggers Network syndicated blog from Infosec Resources authored by Howard Poston. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/9KXKtEJaK1M/