code injection technique. • It is used to attack data-driven applications. • Malicious data is used to modify the resulting SQL statements. http://example.com/?post=1 SELECT * FROM `posts` WHERE post_id = 1;
code injection technique. • It is used to attack data-driven applications. • Malicious data is used to modify the resulting SQL statements. http://example.com/?post=1;DROP TABLE posts; -- SELECT * FROM `posts` WHERE post_id = 1;DROP TABLE posts; -- ;
Guess.com was vulnerable to an SQL injection attack, permitting anyone able to construct a properly-crafted URL to pull down 200,000+ names, credit card numbers and expiration dates in the site's customer database. https://web.archive.org/web/20000229100810/http://www.guess.com/ Notable for being one of the first major cc breaches online.
defaced the Microsoft UK website using SQL injection. UK website The Register quoted a Microsoftspokesperson acknowledging the problem. • "A hacker managed a rare feat Wednesday, successfully attacking a Web page within Microsoft's U.K. domain and replacing the page with several graphics related to Saudi Arabia. • http://www.cgisecurity.com/2007/06/hacker-defaces.html • https://web.archive.org/web/20070713141102/http://www.microsoft.com /en/gb/default.aspx Notable for being such a gigantic company; point was to deface via a table. Demo defacing a site.
group "RedHack" • • Redhack (Kızıl Hackerlar, Kızıl Hackerlar Birliği), is a Turkish Marxist–Leninist computer hacker group which was founded in 1997 Get their twitter background • • breached Istanbul Administration Site. They claimed that, they’ve been able to erase people's debts to water, gas, Internet, electricity, and telephone companies. Additionally, they published admin user name and password for other citizens to log in and clear their debts early morning. They announced the news from Twitter. • https://web.archive.org/web/20130611014453/http://www.ioi.gov.tr/ • http://en.wikipedia.org/wiki/RedHack • https://twitter.com/RedHack_EN/statuses/350461821456613376 • Implement this site: https://pbs.twimg.com/media/BN0Qj_3CMAEgC9c.jpg:large
from the query layer. Marginally less efficient, but guaranteed to be safe from SQLi. <?php $query="SELECT * FROM posts WHERE postid=UNHEX('".bin2hex(‘’;DROP TABLE posts;-- ’)."'); ?> SELECT * FROM posts WHERE postid=UNHEX('3b44524f50205441424c4520706f7374733b2d2d20');