SQL injection is a code injection technique that exploits a security vulnerability occurring in the database layer of an application (like queries). The vulnerability is present when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and thereby unexpectedly executed. It happens from using poorly designed query language interpreters.
Lets Start Hacking a Website.....
1.) When You Enter a Username and Password in a Website the query Which is fired is similar to :
Select * from Admin where username = 'ishan' and password = '123' ;
Here Admin is the table name and username,password are columns in the table.
Now I Supply values for username and password as 'ishan' and '123' and an error is produced.
2.) Now Lets supply username= 1' or '1' = '1 and password = 1' or '1' = '1 and let's see what happen?
Wallaaa The Website is Hacked......
3.) Now Lets Go back to Sql Query and see what happen if we replace 'ishan' and '123' with 1' or '1' = '1 , Then Query Becomes
Select * from Admin Where username = '1' or '1' = '1' and password = '1' or = '1' = '1'
Now as we know if any of the condition in or is true then statement is true therefore username and password may not be equal to '1' but '1' = '1', This is a Universal truth.Since Both Condition of And are true now therefore the whole select query becomes true and it returns the row...
4.) Now as we don't enter any valid username and password so Which row from admin table does the Select query will retrieve.Good Question?
It will retrieve the very first row of the table
Now The basic thing in this attack is that we have Fooled the Database by manipulating query..
5.) You Can try some more username and passwords to fool database:
- admin'--
- ') or ('a'='a
- ”) or (“a”=”a
- hi” or “a”=”a
Hope That You have liked this post and don't forget to +1 and recommend this site in right pane
Note :This is for Educational Purpose only. Don't try it to cause any harm to any website or its Database
