DBC Blog

A Look At Some of The Things I Learned During Phase 0.

SQL Injection

| Comments

Week Eight Technical Blog Post

March 28, 2015

Little Bobby Tables

Today I will be writing about SQL Injection. SQL Injection is a way to insert code maliciously into an entry field in an application. This attack can be used against any database but is usually used against websites.

There are a few different methods that are used to maliciously send commands to the server. Today I will be writing about one of them.

Incorrectly filtered escape characters.

This type of SQL Injection occurs when input from user entry fields are not filtered for escape characters. Escape characters are special characters used in programming that tell the program, that the character after them is not to be read the usual way rather as a different character. A common example is the “ \”.

For example, an name entry field in a website. The website takes the input from the field and turns it into a select statement.

SELECT * from USERS WHERE name = (entry field);

This code looks for the specified user name and returns it from the database.

However this user name can be set to whatever the person on the other side of the field wants.

For example if '' or '1'='1' is entered it turns into the following SQL statement SELECT * FROM users WHERE name = '' OR '1'='1';

This statement would return all the names in the database because 1 = 1 is always true.

This vulnerability can also be exploited to delete or modify data in the database. See the story of Little Bobby Tables.