SQL Injection: Understanding & Preventing Database Attacks

SQL Injection (SQLi) is a critical security vulnerability where attackers manipulate SQL queries to gain unauthorized access to databases, steal sensitive information, or even alter data. It is one of the most common and dangerous web application security risks.


1. How SQL Injection Works

Attackers exploit poorly validated user inputs to inject malicious SQL code into queries. This can result in:


- Bypassing authentication (logging in as an admin without valid credentials).

- Retrieving sensitive data (e.g., usernames, passwords, credit card numbers).

- Altering or deleting database records (damaging the integrity of the application).

- Executing system commands (if database permissions allow).

3. Types of SQL Injection Attacks

- Classic SQL Injection

Directly modifying SQL queries via user input fields.


-Blind SQL Injection

Exploiting a database without seeing direct query results (e.g., using true/false conditions).


- Time-Based SQL Injection

Forcing the database to delay responses to confirm vulnerabilities.


- Out-of-Band SQL Injection

Using external channels (like DNS requests) to extract data.

4. Preventing SQL Injection

- Use Parameterized Queries (Prepared Statements)

The best defense against SQLi is using prepared statements, which separate SQL code from user input.

- Input Validation & Sanitization

  • Restrict input length (e.g., max 20 characters for usernames).
  • Allow only expected characters (e.g., no special symbols).
  • Use whitelisting (only allow valid characters, e.g., [a-zA-Z0-9]).


Use Web Application Firewalls (WAFs)

A WAF detects and blocks SQL injection attempts before they reach the database.


Limit Database Privileges

- Use least privilege access (application accounts should only have the permissions they need).

- Deny direct access to sensitive tables.


Hash & Salt Passwords

Never store plaintext passwords in a database. Instead, use bcrypt, Argon2, or PBKDF2 to hash and salt passwords before storing them.


Regular Security Audits & Testing

- Use SQL Injection Testing Tools like SQLMap to check for vulnerabilities.

- Conduct code reviews and penetration testing to identify weaknesses.

Comments

Post a Comment

Popular posts from this blog

Absolute and relative path in HTML pages

HTML documents can have relative or absolute links to other web pages. Relative links keeps a visitor on the same web site. Relative links are pointers to other web pages on the same web site. They just contain this page filename. Absolute links on other hand contain full path including protocol and domain name to access the page. Absolute links can point to the same web site or they can point to a different web site.
Read more

Errors

It is a good idea to send errors in production environment to error log. Errors may contain sensitive information. Even so errors maybe helpful to development team or to QA team, errors need to be suppressed in production environment for viewing by everyone. Errors are good way to troubleshoot an issue therefore only trusted people can have access to this information. If not a trusted person get an access to this information, this information maybe used against the company and for a personal benefit. What to do in a case when there are more servers than one? Even so it is possible to inspect the log files in a single server, however it is impossible to do so when there is more than one server is available and web traffic is redirected to a different server each time. Log aggregation is needed in this case. All of the logs will be send to a central location. Logs may contain sensitive information. Please consult your company lawyer of how long logs can be stored, because logs can be use...
Read more

goto PHP operator

goto operator will skip execution of code and continue execution of a code that follows a label to which goto operator points to. If code has many goto operators, than this code probably needs a revision. It is possible to write code that executes without goto operators.
Read more