Home »
SQL
Use of Injection in SQL
In this article, we are going to discuss about what is injection, how we can use injection in SQL?
Submitted by Bharti Parmar, on December 12, 2018
In the previous article, we have learned to retrieve (and update) database data, using AND/OR Operator in SQL. In this article, we are going to discuss what is injection, how we can use injection in SQL? So, in this article, we will learn the use of injection in SQL queries.
Basically, SQL injection is a method where mischievous users can inject SQL commands into an SQL statement, via web page input. Injected SQL commands can alter the SQL statement and finding the middle ground the security of a web application.
Injection is used to create an SQL statement to select a user by using their own user id.
In place of entering "wrong" input, the user can enter some "smart" input
Example: User_ID = 15028 (OR) 1=1
Let's Take an Example to understand this concept:
- Select * from student where student-id = 15028 or 1=1
- Select student_name, course, branch from student where student_id=15032 or 1=1
Explanations of this two injection queries based on 1=1:
In the first SQL statement, all rows from the student table are shown whether student-id is 15028 and where 1=1 always remains true. Similarly, in second SQL statement student_name, course, branch is returned where 1=1 is always true.
Select * from student where Name ="" or ""="" AND Pass ="" or ""=""
Explanation of this injection query based on "" ="":
By this SQL statement student or any usernames and passwords in a database can access by anyone by simply inserting " or ""=" into the student or any username or password; where”” =”” is always true.
SELECT * FROM Department; DROP TABLE Student
Explanation of this injection query based on batch:
This SQL statement does complete two task first retrieve all the rows data on the screen in the department table and then drop or delete the student table.
Conclusion:
In this article, we have learned the different concept of injection. We have learned injection based on 1=1, "" = "", batched injection. Mostly hacker uses this concept for access all the rows, username and password from the database. I hope you understand the concept; in the next article, We will learn more new things in SQL. Have a nice day! Happy Learning!