How To Do Basic SQL Injection


26/3/2025 - By Big Green

What is an SQL Injection?

SQL Injection is a type of code injection specific to SQL (Structured Query Language). Nowadays basic SQL Injection is outdated and easy to prevent, but I just wanted to talk about it. Code injection allows a user to insert code into a currently running program.

Basic SQL Injection

Let's imagine a website where, when you log in, it sends this query to our SQL database:

SELECT * FROM users WHERE username = "user" AND password = "password"

This statement asks the server to find a user who has whatever username and password we ask for. Because the statement places whatever we type directly into the query, it is easy to abuse. Also imagine that the admin username is just admin.

To inject code we can enter the name of the account we want to access but add a quotation mark at the end:

... username = "admin"" ...

By adding this quotation mark, all text entered after it will be interpreted as code, because we terminated the string. After it we can enter:

OR "1"="1

This will make the statement look for the account with a matching password, or if "1"="1" it will just give you access to the account. Lastly we end up with an expression that looks like this:

SELECT * FROM users WHERE username = "admin" OR "1"="1" AND password = ""

(We don't put the last quote on the second 1 so that we use the leftover quote.) More precisely, AND binds more tightly than OR, so the database reads the condition as username = "admin" OR ("1"="1" AND password = ""), and the admin row matches whatever password was entered.
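Why this is easy to prevent, as an added example that is not part of the original post: the same login check written once with string concatenation and once with a parameterized query, run against an in-memory SQLite database. The table contents, function names and passwords are constructed for illustration, and the example uses single quotes (the standard SQL string delimiter) where the post uses double quotes.

```python
import sqlite3

# Constructed payload: the page's input, written with single quotes.
PAYLOAD = "admin' OR '1'='1"

def make_db():
    """In-memory users table with constructed sample accounts."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (username TEXT, password TEXT)")
    # Plaintext passwords only mirror the page's query; real systems store hashes.
    db.executemany("INSERT INTO users VALUES (?, ?)", [
        ("admin", "constructed-admin-pw"),
        ("alice", "constructed-alice-pw"),
        ("o'brien", "constructed-obrien-pw"),
    ])
    return db

def login_vulnerable(db, username, password):
    """Builds the SQL text from user input, as in the page's login query."""
    query = ("SELECT username FROM users WHERE username = '" + username +
             "' AND password = '" + password + "'")
    row = db.execute(query).fetchone()
    return row[0] if row else None

def login_parameterized(db, username, password):
    """Sends input as bound values; it is never parsed as SQL."""
    row = db.execute(
        "SELECT username FROM users WHERE username = ? AND password = ?",
        (username, password),
    ).fetchone()
    return row[0] if row else None

if __name__ == "__main__":
    db = make_db()
    print("vulnerable, payload:   ", login_vulnerable(db, PAYLOAD, ""))
    print("parameterized, payload:", login_parameterized(db, PAYLOAD, ""))
    try:
        login_vulnerable(db, "o'brien", "constructed-obrien-pw")
    except sqlite3.OperationalError as exc:
        print("vulnerable, o'brien:    query breaks:", exc)
    print("parameterized, o'brien:",
          login_parameterized(db, "o'brien", "constructed-obrien-pw"))
```

The concatenated version also fails for an honest user whose name contains an apostrophe, which is often the first visible sign of the flaw in testing.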
