SQL Injection
A nice way to check for this vulnerability is to input a quote and see if something goes wrong.
SQL injection can be used to bypass login, but it can also be used to gather information. Of the things you can discover:
The data itself.
Enumerate other tables.
Amount of rows and columns.
The version of the DB.
The user that runs the queries
Notes
Some DBs are configured to be able to interact with the OS! You can load and write to files.
The code may expect one query, so when injecting queries a LIMIT can be added.
Last updated