This video is all about SQL injection or Sequel Injection and its vulnerability. Most of the websites like small WordPress or big e-commerce portals, all having different kinds of databases running in their backend. It could be MySql, Oracle, SQL Server, PostgreSQL or any other RDBMS like these. SQL-injection uses malicious SQL code for server-side database manipulation to access information that was not intended to be displayed publicly. These types of attacks may result in the unauthorized viewing of user lists, the deletion of entire tables and, sometimes, the attacker gaining admin rights to a database, in other words, whole content access of your website. An attacker can use it to bypass a web site's security, then retrieve the contents of an entire database and manipulate it as per their own wish. This could be a detrimental impact on your online reputation because your own website contents are no longer in your hand and now controlled by some unknown hackers.
In this video, I will guide you how to point the insecure parts of your website and how to get your website protected from the SQL injection attacks.
How SQL Injection Works
It basically targets input fields like login form, account registration form, search box or any other forms of the website which directly execute database queries in the backend. The attacks can also happen through URL link of your website if it is using query string which is directly connected to your database.
Example: Login Form
User_Id = Request_string("email@example.com");
User_Pass = Request_string("mypassword");
Database SQL Query:
'SELECT * FROM Users WHERE Name =" firstname.lastname@example.org" AND Pass =" mypassword "';
What hackers do:
A hacker might get access to user ids and passwords in a database by simply inserting the statement like " OR ""=" into the user name or password text box:
Database SQL Query:
SELECT * FROM Users WHERE Name ="" or ""="" AND Pass ="" or ""=""
The SQL above will return all rows from the "Users" table, since the statement like OR ""="" is always TRUE.
This is just an example. There are lots of this type of input queries hackers are using to ruin your privacy and sometimes delete the database tables.
How to Mitigate SQL Injection?
Input Validation / Pattern Check
SQL injection is mainly attacks through malicious external input. That's why it is preferable to use strict input validation. The input fields of your website only accepts the characters which are only approved by the system and rejects all malicious inputs.
Database Access Privilege
The web application should be restricted to least privileged access. For example, if the information is for validation or viewing purpose only, then only grant read access to the table. This ensures that an attacker won't have the rights to the database through the compromised web application.
Instead of writing dynamic queries, use prepared statements with parameterized queries. A placeholder can only store a value of the given type. SQL injection would simply be treated as an invalid parameter value.
There are many other techniques used to prevent the variety of SQL injections. Some of them are application specific. It is preferable to use 3rd party experts to test your website and take their advice to prevent SQL injection attacks. If you have any further queries, you can reach me anytime by Email or Skype.