"Hey guys, Lmacomstore, the programming and security community, is here!"

This is solder from up degree, and in this lecture we are going to start my favorite: SQL injection. SQL injection is a very serious vulnerability which is still found on many websites. There is an online banking site called Altoro Mutual, and this has been developed by IBM for testing purposes, right? So when you search for this you can go on the website, and you will find a real banking website. Now remember, this is for testing purposes and you are free to test it, right? You can do anything with this website; it's just for testing purposes.

Now SQL injection, as the name suggests, is all about injecting SQL code, right? The Structured Query Language. If you remember how a website works, there is always a database in the backend that is storing the information, right? That database speaks a language, which is SQL. Right, now let's say on the sign-in page there are these two fields, and these are some of the attack vectors; I will tell you about these later. Let's say in these two fields I have "soccer" in the username and "bunsall" in the password. I click Login. It will of course deny my login, because my information is not in the database, right? You can see my information is not there in the database; that's why it fails. But if I can use these fields to talk to the database and give it some manipulative commands, that lets me in.

Let me tell you one command that's very easy. There is the apostrophe ('), and there is the -- (which is -- - as well), okay? Now the apostrophe means: ignore whatever is there in your code. So let's say there is whatever is there in your code before this apostrophe, and this -- means: ignore whatever there is after this. So basically I'm saying, only focus on this statement which I am writing right now, okay? And I say OR 1=1, okay? I give it this command. This is Structured Query Language, and this command means: ignore whatever there is in your code, check, okay, check one equal one, which is always true, because one is always equal to one, right? Check that, and ignore whatever there is in your code after my command.

All right, so let me just copy this thing, please copy this thing, paste it right here. Let me try to log in, and if everything works fine, it logs in as the first user, which is the admin user in this account. Do you understand how it happened? Let me go back, let me sign off, and let me explain this thing to you. Okay, let's go to Sign In, and this is the command, right? So, password, and this is exactly the same. I said to the database: see, in the database it should be that it checks if username is equal to the username and checks if password is equal to password. This should be the real-world application, right? But I said: ignore whatever you are having in your code and only check if one is equal to one; if it is, then approve me. And the same for the password. So it did exactly whatever I wanted it to do, and it approved me.

Now, why does this vulnerability occur? Because of sanitization and validation, as we have been talking about in all the lectures till now. The developer is not sanitizing or validating the inputs. The developer is trusting the user; he is trusting that the user will enter a username in this field; however, we are entering an SQL query. Now you don't need to learn SQL queries or this whole language, because it's too time-consuming, and there are tools which can be used to automate this process. One of those tools is SQLMap, and I will continue this series with SQLMap in the next lecture. Till then, have a great day.
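The login check the lecture walks through, as an added Python example (this is not code from the lecture or from Altoro Mutual): an in-memory SQLite table with constructed users, the vulnerable string-concatenated query beside the parameterized fix, and the ' OR 1=1 -- payload run against both. Assumptions: the table name "users" and the columns "username" and "password" are invented for this example, and passwords are stored in plain text only to keep the example short (a real application stores password hashes). In SQLite, PostgreSQL and MSSQL the -- sequence starts a comment immediately; MySQL requires whitespace after --, so payloads there usually end with "-- " or "-- -".

```python
import sqlite3

# Constructed sample rows for this example only (not real Altoro Mutual accounts).
# The first row is the "admin" user, which is why the OR 1=1 payload lands on it.
SAMPLE_USERS = [
    ("admin", "adm1n-pass"),
    ("jsmith", "demo1234"),
]


def make_db():
    """Build an in-memory SQLite database with a hypothetical users table."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password TEXT)"
    )
    conn.executemany(
        "INSERT INTO users (username, password) VALUES (?, ?)", SAMPLE_USERS
    )
    conn.commit()
    return conn


def vulnerable_query_text(username, password):
    """The broken pattern: user input is pasted straight into the SQL text.
    Returned separately so the exact statement the database sees can be inspected."""
    return (
        "SELECT username FROM users WHERE username = '" + username
        + "' AND password = '" + password + "'"
    )


def login_vulnerable(conn, username, password):
    """Run the concatenated query. Returns the first matching username, or None.
    With username = "' OR 1=1 --" the statement becomes
      SELECT username FROM users WHERE username = '' OR 1=1 --' AND password = '...'
    The apostrophe closes the string literal, OR 1=1 is always true, and --
    comments out the password check, so the first row (admin) comes back."""
    row = conn.execute(vulnerable_query_text(username, password)).fetchone()
    return row[0] if row else None


def login_safe(conn, username, password):
    """The fix: a parameterized query. The driver sends the values separately from
    the SQL text, so an apostrophe or -- in the input is data, never syntax."""
    row = conn.execute(
        "SELECT username FROM users WHERE username = ? AND password = ?",
        (username, password),
    ).fetchone()
    return row[0] if row else None


if __name__ == "__main__":
    conn = make_db()
    payload = "' OR 1=1 --"
    print("query sent:", vulnerable_query_text(payload, "anything"))
    print("vulnerable login ->", login_vulnerable(conn, payload, "anything"))
    print("parameterized login ->", login_safe(conn, payload, "anything"))
```

The same payload that logs the vulnerable function in as admin gets nothing from the parameterized version, because the driver never lets the quote terminate the literal; that is the "validation" the lecture says is missing, done by the database API rather than by hand.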
