What is SQL Injection Attack?
SQL is stands for structure querry language. It is relational database management system.In this our data is store in database.SQL injection attacks also knows as SQLi attacks, have been a serious problem.
SQL injection is a common attack that allows users with malicious SQL code to access hidden information by manipulating the backend of databases. This data may contain sensitive or confidential business information, private customer details, or user lists.Which is enough for cybercriminal to use as for criminal purposes.
How it's works?
For example, a simple web application with a login form will accept a user email address and password. It will then submit that data. There is a “remember me” checkbox in most forms like this, so these details are get addressed or store by cookies.
SQL Injection Attack Examples
- Copying or deletion of portions of, or the entire, database, including sensitive data such as health records or credit card information.
- Modification of the database, including adding, changing, or deleting records.
- Pretend like users, spoofed login credentials or Avoid authentication process.
- Execution of OS commands that allow access to other network assets.
- An advanced SQL injection attack may take the target DBMS or web app offline completely.
- Simple SQL Injecton Attack
- Blind SQL Injecton Attack
- Union SQL Injecton Attack
- Error SQL Injecton Attack
Nice explaination dude
ReplyDeleteThanks
DeleteNoice
ReplyDelete