Skip to content

SQL Injection

202305042013000 SQL Operations

SQL injection it is vulnerability that occurs when an attacker inserts in unsanitized user input some values which impact on database query execution.

Prevention

  1. parameterized queiries 2023050422584646 SQL Injection#^9d7a74
  2. input validation

How detect sql injection possibility

  1. Add single quotes and expect error
  2. Boundary Testing. Use "...ORDER BY < out count> ..." If we send count more than count in table errors would be returned
  3. Fuzzing 
    wfuzz -c -z file,/usr/share/wordlists/wfuzz/Injections/SQL.txt -d "db=mysql&id=FUZZ" -u http://sql-sandbox/api/intro

wfuzz -c -z file,/usr/share/wordlists/wfuzz/Injections/SQL.txt -d "db=mysql&name=s&sort=id&order=FUZZ" -u http://sql-sandbox/discovery/api/fuzzing

How exploit sql injection

  1. 202305051825099 SQL Injection Error based payloads
  2. 202305051829000 SQL Injection UNION-based Payloads
  3. 202305051829033 SQL Injection Stacked Queries
  4. 2023050518282929 SQL Injection Reading and Writing Files
  5. 2023050518285757 SQL Injection Remote Code Execution
  6. 202305091539011 SQL Map

References

  1. CheatSheets Series Team, 2021), https://cheatsheetseries.owasp.org/cheatsheets/Query_Parameterization_Cheat_Sheet.html ^9d7a74
  2. web200.SQL Injection.Introduction to SQL Injection
  3. web200.SQL Injection.Testing for SQL Injection