What is SQL injection?
SQL stands for Structured Query Language. SQL is used to design and query databases, where the information is stored. SQL injection is a vulnerability occurring in the database layer of an application which allows an attacker to see the contents stored in the database. This vulnerability occurs when the user's input is not filtered or is improperly filtered.
The main goal of the attacker is to access the information stored in the website's database. It can be done manually (read more here). In this tutorial, I am going to do the same thing more easily using a tool.
Read the disclaimer first before proceeding. I remind you again that it's only for educational purposes.
Requirement: Download the tool from here. It's SqliHelperV.2.1.
Steps of attack:
Vulnerable Website > Database > Tables > Columns > Data
Search for any vulnerable website using Google Dorks. I found this website
http://www.shelter.org/org/news.php?id=5.
I came to know it's vulnerable because when I attached a single quote at the end, it didn't filter it and returned me an error.
http://www.shelter.org/org/news.php?id=5'
Step 1: Run the tool; there is no need for any installation. Input the vulnerable URL and click on "Inject".
Step 2: After processing is done, click on "Get Database". It would then show the databases.
Step 3: Select any database other than "Information_schema" and click on "Get tables". It would start fetching all tables. Have some patience. In most cases there is a table like admin or login or users etc.
Step 4: Select any table and click on "Get Columns".
Step 5: Select the column and click on "Dump Now". A new pop-up window would open showing you the data stored in it.
So now you know how deadly it can be to allow users to send their input without any filtration/validation. So never be lazy when programming, and use the available filtering mechanisms.
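The error-on-quote behaviour described above and the recommended fix, as an added example (not code from the original post or from any site it mentions). A constructed in-memory SQLite table stands in for a site's database; the table, rows and function names are assumptions made for illustration.

```python
import re
import sqlite3

def make_db():
    """Constructed in-memory stand-in for a news site's database."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE news (id INTEGER PRIMARY KEY, title TEXT)")
    db.executemany("INSERT INTO news VALUES (?, ?)",
                   [(5, "Shelter opens"), (6, "Fundraiser"), (7, "Draft: unpublished")])
    return db

def news_vulnerable(db, raw_id):
    """Concatenates the id parameter straight into the SQL text."""
    query = "SELECT title FROM news WHERE id = " + raw_id
    try:
        return [row[0] for row in db.execute(query)]
    except sqlite3.Error as exc:
        # Echoing the database error to the visitor is the tell-tale sign
        # the post describes seeing after appending a single quote.
        return "SQL error: %s" % exc

def news_hardened(db, raw_id):
    """Validates the id, binds it as a parameter, and hides database errors."""
    # Layer 1: allow-list validation. An id is 1 to 9 ASCII digits, nothing else.
    if not re.fullmatch(r"[0-9]{1,9}", raw_id):
        return "Bad request"
    try:
        # Layer 2: the value is bound as data and never becomes part of the SQL text.
        rows = db.execute("SELECT title FROM news WHERE id = ?", (int(raw_id),))
        return [row[0] for row in rows]
    except sqlite3.Error:
        # Layer 3: a generic message, so the visitor learns nothing about the query.
        return "Internal error"

if __name__ == "__main__":
    db = make_db()
    # Constructed inputs: a normal id, the quote test from the post, and extra SQL text.
    for raw in ("5", "5'", "5 OR 1=1"):
        print(repr(raw), "vulnerable:", news_vulnerable(db, raw))
        print(repr(raw), "hardened:  ", news_hardened(db, raw))
```

In the vulnerable handler the third input changes the meaning of the WHERE clause and returns every row, which is why hiding the error message alone is not a fix; the bound parameter is.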