In the last post I wrote about one of the most widely used web attacks, XSS (Cross-Site Scripting): injecting JavaScript into the client side of a site so that it runs in other users' browsers, where it can read session cookies, capture passwords typed into the page, or act on the user's behalf (for example in online banking).
Today I am going to talk about another well-known and widely used web-attack technique: SQL injection. SQL injection is the technique of smuggling SQL syntax into a query through untrusted input, so that the database runs statements the developer never intended: reading other users' rows, bypassing a login check, or modifying and deleting data. Just like XSS it arrives through user-controlled input (form fields, URL parameters, headers) and can cause massive damage if you are running an online business or an online banking service.
The best way to handle SQL injection is to keep user data out of the query text altogether: use parameterized queries (prepared statements), where the SQL is sent with placeholders and the values are bound separately, so the database never parses them as SQL. Validating the input as a second layer (for example, requiring that an id is an integer) is also worthwhile. "Sanitizing" by stripping or escaping characters is fragile and easy to get wrong, so it should not be the only defence.
As an example, here is a URL for your website where you fetch data from the database using the "id" parameter from the URL and add it directly to the query string.
# yourwebsite.com/user?id=1
user_id = data.id # id = 1 in this case
# Directly adding user input without sanitizing it
sql_query = f"SELECT * FROM users WHERE id = {user_id};"
# Returns User Data where id = 1
But someone who understands SQL can take advantage of this by altering the URL.
# yourwebsite.com/user?id=1 OR 1=1   (sent URL-encoded as ?id=1%20OR%201%3D1)
user_id = data.id # user_id is now the string "1 OR 1=1"
sql_query = f"SELECT * FROM users WHERE id = {user_id};"
# The query sent to the database is: SELECT * FROM users WHERE id = 1 OR 1=1;
The database in this case returns every user stored in the table: the condition 1=1 is always true, so the OR makes the WHERE clause match every row, and the attacker reads data that was never meant for them.
The conclusion: never trust user data inside a query. Bind it as a parameter, and validate it (cast an id to an integer) before it reaches the database.
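To make the two versions of the query concrete, here is an added example (my own code, not from the original post) that runs against an in-memory SQLite database with three constructed sample users; the table name and columns are assumptions. It shows the f-string query returning every row for the "1 OR 1=1" payload, the same query written with a bound parameter returning nothing, and an integer check that rejects the payload before any SQL runs:

```python
import sqlite3

# Constructed sample rows for the demo; they are not data from the original post.
SAMPLE_USERS = [
    (1, "alice", "alice@example.com"),
    (2, "bob", "bob@example.com"),
    (3, "carol", "carol@example.com"),
]


def make_db():
    """Build an in-memory SQLite database holding the constructed sample users."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, email TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?, ?)", SAMPLE_USERS)
    conn.commit()
    return conn


def fetch_user_vulnerable(conn, user_id):
    """The pattern from the post: the raw URL parameter is spliced into the SQL text.

    user_id = "1"         -> SELECT * FROM users WHERE id = 1;         (one row)
    user_id = "1 OR 1=1"  -> SELECT * FROM users WHERE id = 1 OR 1=1;  (every row)
    """
    sql_query = f"SELECT * FROM users WHERE id = {user_id};"
    return conn.execute(sql_query).fetchall()


def fetch_user_parameterized(conn, user_id):
    """The fix: a placeholder in the SQL text, the value bound separately.

    The database parses the statement before it ever sees the value, so
    "1 OR 1=1" is compared against the id column as one plain string and
    matches nothing.
    """
    return conn.execute("SELECT * FROM users WHERE id = ?", (user_id,)).fetchall()


def parse_user_id(raw):
    """Second layer: validate the type you expect. An id must be a positive
    integer; anything else is rejected before it gets near the database."""
    try:
        value = int(raw)
    except (TypeError, ValueError):
        raise ValueError(f"invalid user id: {raw!r}") from None
    if value <= 0:
        raise ValueError(f"invalid user id: {raw!r}")
    return value


def fetch_user_hardened(conn, raw_id):
    """Validate, then bind: the combination a request handler should use."""
    return fetch_user_parameterized(conn, parse_user_id(raw_id))


if __name__ == "__main__":
    db = make_db()
    payload = "1 OR 1=1"  # what the handler receives for ?id=1%20OR%201%3D1
    print("vulnerable   :", fetch_user_vulnerable(db, payload))     # all three rows
    print("parameterized:", fetch_user_parameterized(db, payload))  # []
    try:
        fetch_user_hardened(db, payload)
    except ValueError as err:
        print("hardened     :", err)  # rejected before any query runs
```

Run the file directly to see the three outcomes side by side. The parameterized version is the one that actually closes the hole; the integer check is cheap defence in depth that also gives you a clean 400 response instead of an empty result when someone tampers with the id.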
What I Learned Today
💻 Programming
- SQL-Injection - As my site is a static site it doesn't have any backend database, and as I mentioned in the last post it doesn't have any input field or form either, so no worries for now. Also some sources to study more on this topic.
🗾 Language [日本語, Japanese]
- 客室 (きゃくしつ) Guest Room. 客: Guest, 室: Room.
- 高さ (たかさ) Height. 高: Tall or Expensive.
- 平和 (へいわ) Peace. 平: Flat, 和: Peace.
- 受験 (じゅけん) Taking an Exam. 受: Accept, 験: Test or Verification.