table of Contents
1. What is sql injection?
2. To understand why the sql injection?
3.sql injection principle
4.sql injection vulnerability exists because
5.sql Language Overview
significance 6. sql language learning
1. What is SQL injection?
-
Normal web access ports
normally visit a web passed parameter values programmer had hoped, after the completion of a database query processing by the program, presenting the results page to the user. -
SQL injection is how to access?
SQL injection is a normal web access ports.
Just passed parameter value is not a programmer desirable, but passed in the parameter value nested SQL code.
Parameter values using a program processing logic's injection, by injection as desired to perform a database query.
Page can even render the display by SQL injection's desired look. -
SQL injection: application by parameters passed with the SQL code to the database engine.
II. Why should understand SQL injection?
- SQL injection hazard
hacker ultimate goal is to data, SQL database engine is a direct injection, even after lifting weights can interact with the system layer, sensitive data may be compromised, the risk of damage. - SQL injection secret strong
SQL injection port is normal web access, the system administrator or database is not easy to find, an attacker may be long-term control system or database. - SQL injection universal
common industry standard SQL relational database, SQL injection is not only the MySQL issue, but also use other SQL database issue, there is evidence that more than 60% of sites with SQL injection vulnerability. - Know ourselves a target of anti-
depth understanding of the ultimate goal is to guard against SQL injection. Raise awareness of data security, data security strategy to improve to a certain height.
III. On the SQL injection works
1. Normal access
$sql="SELECT * FROM users WHERE login ='$uname' AND password ='$pwd'"
PHP程序传入结果参数:$uname=‘sumoka’
$pwd=‘123456’
结果:SELECT * FROM users WHERE login = ‘sumoka’ AND password = ‘123456‘
2.SQL injected access
$sql="SELECT * FROM users WHERE login ='$uname' AND password ='$pwd'"
PHP程序传入结果参数:$uname= ' ' or 1=1 --
$pwd=‘123456’
结果:SELECT * FROM users WHERE login = ' ' or 1=1 --AND password = '123456'
The fundamental reason for the existence of four .SQL injection vulnerability
SQL injection vulnerability is a problem of the application, not the problem of system or database.
The reason is human nature SQL injection data security awareness is weak. Or even if there are security conscious, and programmers on how to prevent not start. So the program does not lead to input data to check the legitimacy of the user, not completely filter the safety of incoming parameters.
V. What is SQL language?
- SQL: Structured Query Language (Structured Query Language)
- SQL functions: query the database, you can insert, update, delete, and query the database and return the results and so on.
- SQL language categories include:
the DDL data definition language (the Data Definition Language)
the DML Data Manipulation Language (the Data Manipulation Language)
the DCL Data Control Language (Data Control Language)
VI. SQL language to understand the meaning of
- SQL injection is the essence of what?
SQL injection SQL language is actually the essence of a jigsaw puzzle , or fill in the blank game . - Target SQL injection
SQL injection is targeted query data or control system.
(1) query: the use of complex select query to obtain information, such as the administrator user name and password information
(2) insert: the administrator user table to insert a record trying to get backstage administrator privileges
(3) update: update the user data, extraction, or modify sensitive data.
(4) Delete: Delete Administrator rights record, clear footprints, destroy data.
Therefore, proficient in SQL language is the foundation of SQL injection.
