SQL Injection

A vulnerability where an attacker can interfere with the SQL queries that an application makes to its database.

Impact

The CIA triad is impacted:

Confidentiality: view sensitive information

Integrity: alter data in the database

Availability: delete data in the database

Remote code execution (RCE) on the operating system


Types of SQL Injection

In-Band (Classic)

The same communication channel is used for the attack and for the result of the attack.

1. Error-based SQLi

The database generates an error on injection, and the error gives the attacker information.

2. Union-based SQLi

Using the UNION SQL operator to combine the results of two queries into a single result set.

Inferential (Blind)

No actual data is transferred via the web app; information is inferred by asking yes or no questions.