SQL Injection is the most common type of vulnerability seen in present-day web applications. It is another vulnerability that occurs due to unvalidated or unsanitized user input.
If we analyze the hacking trends of the last few years, we can say that over 70% of security breaches were carried out through SQL Injection.
Before we go deeper into SQL Injection, let's get a basic idea of what SQL is.
SQL, or Structured Query Language, is a programming language used to maintain and access databases. It is a standard way to create, query or modify data within a database.
According to OWASP, a SQL injection attack consists of insertion or "injection" of a SQL query via the input data from the client to the application. The attacker tricks the application layer by inserting his own crafted SQL query in place of the normal expected user input. Instead of treating the input as ordinary user data, the web server performs the SQL query entered by the attacker.
This type of vulnerability occurs when the web application uses unchecked client-supplied data in SQL statements.
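As an added illustration (not code from the original article), the Python example below builds a constructed in-memory SQLite table and runs the same lookup two ways: with client data concatenated into the statement text, and with the value bound as a parameter. The table, function names and sample inputs are hypothetical.

```python
import sqlite3

def make_db():
    """Build an in-memory database with constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, role TEXT)")
    db.executemany(
        "INSERT INTO users (name, role) VALUES (?, ?)",
        [("alice", "admin"), ("bob", "user"), ("O'Brien", "user")],
    )
    return db

def find_user_unsafe(db, name):
    # Vulnerable: client data is pasted into the SQL text, so the database
    # parses any quote characters in it as part of the statement.
    query = "SELECT name, role FROM users WHERE name = '" + name + "'"
    return db.execute(query).fetchall()

def find_user_safe(db, name):
    # Hardened: the statement text is fixed; the value is bound separately
    # and is only ever compared as data.
    return db.execute(
        "SELECT name, role FROM users WHERE name = ?", (name,)
    ).fetchall()

def compare(db, name):
    """Return (unsafe_result, safe_result); a database error is reported as text."""
    try:
        unsafe = find_user_unsafe(db, name)
    except sqlite3.Error as exc:
        unsafe = "database error: %s" % exc
    return unsafe, find_user_safe(db, name)

if __name__ == "__main__":
    db = make_db()
    # Constructed inputs: a plain name, a legitimate name containing a quote,
    # and a value whose quote changes the meaning of the WHERE clause.
    for value in ["bob", "O'Brien", "x' OR '1'='1"]:
        unsafe, safe = compare(db, value)
        print(repr(value), "| unsafe:", unsafe, "| safe:", safe)
```

The quoted name makes the concatenated query fail with a database error while the bound query finds the row, and the third input returns every row from the concatenated query but nothing from the bound one.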
Hackers generally check for SQL injection by sending the web application a query that makes the database generate an error. The attacker then uses the error message to determine the type of database server, along with additional information that helps him penetrate the website.
However, in some cases the display of errors is turned off. So an application that shows no error on arbitrary code input may still be vulnerable to SQL Injection.
A system could also have a number of default stored procedures that give the attacker complete access to the backend system, just by taking advantage of a SQL Injection flaw in the web application.
SQL Injection can have the following effects:
- Unauthorized access to application
- Access to whole databases on the server
- Database Modification
- Denial Of Service Attacks against the server
- Read/Write files on server’s file system
- Code Execution