Injection Attack

• Involves sending malicious data to a system for unintended consequences
• SQL injection and XML injection share the goal of inserting code into systems

SQL (Structured Query Language) Injection

SQL DATA

• Used to interact with databases

• Four main SQL actions

  1. Select — Used to read data from the database
  2. Insert — Used to write data into the database
  3. Delete — Used to remove data from the database
  4. Update — Overwrite some data in the database

• Example statement:

  SELECT * FROM USERS WHERE userID = ‘admin’ AND password = ‘pass123';
  

SQL Injection

• Involves inserting malicious SQL code into input fields
• Attackers use URL parameters, form fields, cookies, POST data, or HTTP headers for SQL injection

Prevention

• Input validation
• Sanitize user data
• Use a web application firewall

SQL Injection Attempt

• Involve statements like “ OR 1=1 “`
• Example:

  • Original SQL statement

    SELECT * FROM USERS WHERE userID = 'admin' AND password = 'pass123';
    

  • Injected SQL statement

    SELECT * FROM users WHERE userID = 'admin' AND password = "OR 1=1";
    

XML (Extensible Markup Language) Injection

XML data