What Is SQL Injection In SQL-Server And How Hackers Achieve It

What Is SQL Injection In SQL-Server

SQL injection is an attack in which malicious code is inserted into strings that are later passed to an instance of SQL Server for parsing and execution. Any procedure that constructs SQL statements should be reviewed for injection vulnerabilities, because SQL Server executes every syntactically valid query that it receives, including queries built from user input.

How Hackers Achieve It

SQL injection is achieved by direct insertion of code into user-input variables that are concatenated with SQL commands and executed. A less direct attack injects malicious code into strings that are destined for storage in a table or as metadata.
The following example shows a simple SQL injection. The script builds an SQL query from a string entered by the user:

String sql = "select * from Order where City = '" + TextBox1.Text + "'";

When a user enters a city name into the text box, the resulting query looks like this:
select * from Order where City = 'delhi'

If someone enters malicious code into the text box along with the city name, the resulting query looks like this:
select * from Order where City = 'delhi';drop table order--'

The semicolon (;) denotes the end of one query and the start of another. The double hyphen (--) indicates that the rest of the current line is a comment and should be ignored, which here discards the closing quote that the script appends. If the modified code is syntactically correct, it will be executed by the server. When SQL Server processes this statement, it first selects all records in Order where City is delhi. Then it drops the Order table.
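
The concatenated query above, next to a parameterized version of the same lookup, as an added example that is not part of the original post. It assumes Python's sqlite3 in-memory database as a stand-in for SQL Server so that it runs without a server, a table named Orders (ORDER is a reserved word), and constructed sample rows; the function names are hypothetical.

```python
import sqlite3

def make_db():
    """In-memory stand-in for the SQL Server database (constructed sample rows)."""
    db = sqlite3.connect(":memory:")
    db.execute("create table Orders (Id integer, City text)")
    db.executemany("insert into Orders values (?, ?)",
                   [(1, "delhi"), (2, "mumbai"), (3, "delhi")])
    db.commit()
    return db

def table_exists(db, name="Orders"):
    row = db.execute(
        "select count(*) from sqlite_master where type = 'table' and name = ?",
        (name,)).fetchone()
    return row[0] == 1

def build_concatenated(city):
    # Same construction as the script above: the input becomes statement text.
    return "select * from Orders where City = '" + city + "'"

def run_concatenated(db, city):
    # executescript accepts a batch of statements, as SQL Server does.
    db.executescript(build_concatenated(city))
    return table_exists(db)

def run_parameterized(db, city):
    # The statement text is fixed; the input is bound as a value and is
    # only ever compared with the City column, never parsed as SQL.
    rows = db.execute(
        "select Id, City from Orders where City = ? order by Id",
        (city,)).fetchall()
    return rows, table_exists(db)

# The input from the text above, using the assumed table name.
PAYLOAD = "delhi';drop table Orders--"

if __name__ == "__main__":
    db = make_db()
    print("parameterized, normal input:", run_parameterized(db, "delhi"))
    print("parameterized, payload:     ", run_parameterized(db, PAYLOAD))
    print("concatenated text:          ", build_concatenated(PAYLOAD))
    print("table survives concatenation:", run_concatenated(db, PAYLOAD))
```

With the parameterized form the payload matches no city and the table is untouched; with concatenation the second statement runs and the table is gone.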

4 replies on “What Is Sql Injection In Sql-Server And How Hackers Achieve It”

I heard a couple of guys talking about this in the New York subway so I looked it up online and found your page. Thanks. I thought I was right and you confirmed my thoughts. Thanks for the work you’ve put into this. I’d love to save this and share with my friends.