  1. #1
    Join Date
    Oct 2010
    Location
    Orlando, FL
    Posts
    311

    What Exactly Is a SQL Injection

    I've read a lot of security issues with servers being compromised due to SQL injections so I was curious what exactly that means. I read the Wiki page specifically for it:

    SQL injection - Wikipedia, the free encyclopedia

    Sadly I do fully comprehend what this means or how it works perhaps because of the level of my SQL knowledge

    Would someone mind explaining exactly how this impacts a database server or how it works?

  2. #2
    Join Date
    Apr 2002
    Location
    Toronto, Canada
    Posts
    20,002
    Quote Originally Posted by CarlosinFL View Post
    Sadly I do fully comprehend what this means...
    you do? or you don't?

    it means that a skilled hacker can use SQL injection to find the password of the database administrator and

    1. extract confidential information from the database

    or

    2. create damage to the contents and/or structure of the database
    rudy.ca | @rudydotca
    Buy my SitePoint book: Simply SQL

  3. #3
    Join Date
    Oct 2010
    Location
    Orlando, FL
    Posts
    311
    OK so basically it just consists of someone gaining access to the database privileged user's credentials and nothing more, right? Is there a minimal guideline(s) for making sure this doesn't happen to my database server? Obviously my database super user password is very strong and not often used as I have a regular account with superuser privileges.

  4. #4
    Join Date
    Jun 2003
    Location
    Ohio
    Posts
    12,592
    Depending upon the settings on the server, it may be possible for the hacker to shell out to the operating system through SQL statements, and once there he would have administrative control on the network.
    So yes, SQL Injection can be serious and the risk is not limited to the scope of the database environment.
    If it's not practically useful, then it's practically useless.

    blindman
    www.chess.com: "sqlblindman"
    www.LobsterShot.blogspot.com

  5. #5
    Join Date
    Mar 2003
    Location
    The Bottom of The Barrel
    Posts
    6,102
    Have a go with xp_cmdshell()

    Also good times is to modify relative paths stored in the database to point at something a lot more interesting, and then use the application to serve that file.


    You just have to think outside the box a bit more...
    oh yeah... documentation... I have heard of that.

    *** What Do You Want In The MS Access Forum? ***

  6. #6
    Join Date
    Jan 2003
    Location
    Massachusetts
    Posts
    5,800
    Bah. Worst thing you can do in a SQL injection attack is to run something like
    Code:
    update accounts_receivable
    set amount = amount * (1.2 - .4*rand())
    No program returns errors. Only if you are lucky will you have an audit trail able to reconstruct the originals.

  7. #7
    Join Date
    Mar 2003
    Location
    The Bottom of The Barrel
    Posts
    6,102
    Or swap app *.dll's on a shared app/db server with your own. That's fun. Did you know you can overload the = operator in C#?

  8. #8
    Join Date
    Nov 2004
    Location
    on the wrong server
    Posts
    8,835
    I like to serve up Teddy's with a side of FORMAT D:\/U
    “If one brings so much courage to this world the world has to kill them or break them, so of course it kills them. The world breaks every one and afterward many are strong at the broken places. But those that will not break it kills. It kills the very good and the very gentle and the very brave impartially. If you are none of these you can be sure it will kill you too but there will be no special hurry.” Earnest Hemingway, A Farewell To Arms.

  9. #9
    Join Date
    Nov 2004
    Location
    on the wrong server
    Posts
    8,835
    is it something like this...

    ALTER DATABASE myDB SET single_USER WITH ROLLBACK IMMEDIATE

  10. #10
    Join Date
    Aug 2011
    Posts
    1
    That's why now I'm using mysqli when making sites; it is more secure. You never know if your hosting provider is very well updated.

  11. #11
    Join Date
    Jun 2003
    Location
    Ohio
    Posts
    12,592
    And how exactly is it that you think MySQL is safe from SQL Injection?
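To make concrete what post #2 describes and what the mysqli exchange in #10/#11 is really about, here is an added example (not from any poster in this thread) of the same login query written with string concatenation and with a parameterized query; it uses Python's built-in sqlite3 against a constructed in-memory table, so the driver and data are assumptions, not anyone's real setup.

```python
import sqlite3

def build_db():
    # Constructed sample data standing in for an application's users table.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, pw TEXT, is_admin INTEGER)")
    conn.executemany("INSERT INTO users VALUES (?, ?, ?)",
                     [("alice", "s3cret", 1), ("bob", "hunter2", 0)])
    return conn

def login_vulnerable(conn, name, pw):
    # User input is pasted into the SQL text, so quotes and keywords in
    # it are parsed as part of the statement. This is the injection bug;
    # the driver (mysqli, sqlite3, SQL Server) does not change that.
    sql = f"SELECT name FROM users WHERE name = '{name}' AND pw = '{pw}'"
    return [row[0] for row in conn.execute(sql)]

def login_safe(conn, name, pw):
    # Parameterized query: the input is bound as a value, never parsed as
    # SQL, so the same string is just a password that does not match.
    sql = "SELECT name FROM users WHERE name = ? AND pw = ?"
    return [row[0] for row in conn.execute(sql, (name, pw))]

# The textbook tautology from the Wikipedia page the OP linked; used here
# only to show the difference between the two functions above.
TAUTOLOGY = "' OR '1'='1"

def demo():
    conn = build_db()
    return {
        "vuln_normal": login_vulnerable(conn, "alice", "s3cret"),
        "vuln_injected": login_vulnerable(conn, "x", TAUTOLOGY),  # every row
        "safe_normal": login_safe(conn, "alice", "s3cret"),
        "safe_injected": login_safe(conn, "x", TAUTOLOGY),        # no rows
    }

if __name__ == "__main__":
    for label, rows in demo().items():
        print(f"{label}: {rows}")
```

The only difference between the two functions is whether the input reaches the SQL parser as text or as a bound parameter; that, not the choice of library, is what post #11 is pointing at.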
