SQL Injection Attacks
This section is used in the following podcasts
- Episode #01 - SQL Injection Part 1 [Intro] - This episode covers the initial concepts and gets you started with attacking.
- Episode #03 - SQL Injection Part 2 [Intermediate] (in production) - In this episode we return to cover issues such as encoding types, and over/unders when trying to do UNION SELECTs.
- Episode #0? - SQL Injection Part 3 [Advanced] (in planning) - In this episode we dive into advanced methods of attack, such as what is known as Blind SQL Injection, which makes use of built-in SQL functions to avoid needing to inject single or double quotes.
Detailed Notes
Attack Pages
- Login Page using GET - Log in as admin/admin. Then try to log in as admin without using the password, using SQL Injection techniques instead.
- Login Page using POST - Use a local proxy like Paros to modify your requests.
- Login Page protected by addslashes - Uses the commonly used addslashes to protect the SQL statement, which can be hacked as detailed by Chris Shiflett.
- Login Page properly protected - This one is not hackable. Try for yourself.
- Restore the database - Put the database back in its original condition.