SQL injection and possible attacks

Hi, I have the following query, which is part of a Java class. I just want to know what attacks are possible with SQL injection here. How can an attacker enter requests? What are sample queries in this case that could be used to access the database?

    // The query is built by string concatenation: username and password go
    // straight into the SQL text, which is where the injection happens.
    String query = "SELECT username, password, admin FROM users"
            + " WHERE username='" + username + "' AND password='" + password + "'";
    ResultSet rs = st.executeQuery(query);
    // An entry in the result set means the query was successful and
    // the user is a valid user
    if (rs.next()) {
        username = rs.getString(1);
        isAdmin = rs.getBoolean(3);
    }

I think this is a possible way to attack: putting the username as `abc '; #`, since anything after `#` will be treated as a comment in SQL. What do others think about this?

I want to know how an attacker would enter the username and password on the HTML page to gain access as an administrator, assuming that the job of the above Java class is to process a user request entered from an HTML page by querying a database.

+1
4

https://xkcd.com/327/

, , , , usUsername, "us" . "us" - , sUsername (s ). , , s-varaibles .

: http://www.joelonsoftware.com/articles/Wrong.html

+3


- , . , . SQL Server xp_cmdshell , SQL-.

SQL Injection - , , - , - .

Havij, , SQLi.

+2


0

, 'admin', 'dummy', 1 , :

    ' AND 1=0 UNION SELECT 'admin', 'dummy', admin FROM users WHERE admin = 1 AND '1'='1

:

    SELECT username, password, admin FROM users 
    WHERE username='dummy' AND password='' AND 1=0 UNION SELECT 'admin', 'dummy', admin FROM users WHERE admin = 1 AND '1'='1'

SELECT , 1=0 . , SELECT , admin=1 , admin dummy .

You should use prepared statements and pass the values as parameters when executing.

0
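As an added example (not code from the question or from any answer on this page), here is the concatenated login query from the question beside the prepared-statement version the last answer recommends, run against the injected value given in the UNION answer above. It is written in Python with the standard `sqlite3` module rather than Java so that it runs without a JDBC driver; the mechanism is the same. The in-memory database, the `users` table layout and the two sample accounts are constructed for this example.

```python
import sqlite3

# Injected "password" value quoted from the UNION answer above; the username is "dummy".
PAYLOAD = "' AND 1=0 UNION SELECT 'admin', 'dummy', admin FROM users WHERE admin = 1 AND '1'='1"


def make_db():
    """Constructed in-memory users table with one admin and one ordinary account."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT, admin INTEGER)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?, ?)",
        [("admin", "s3cret-admin-pw", 1), ("alice", "alice-pw", 0)],
    )
    return conn


def _row_to_result(row):
    """Mirror the Java code: first column is the username, third is the admin flag."""
    if row is None:
        return None
    return {"username": row[0], "isAdmin": bool(row[2])}


def login_concatenated(conn, username, password):
    """Same construction as the Java code in the question: both inputs are pasted
    into the SQL text, so a quote inside them changes the structure of the query."""
    query = ("SELECT username, password, admin FROM users WHERE username='"
             + username + "' AND password='" + password + "'")
    return _row_to_result(conn.execute(query).fetchone())


def login_parameterized(conn, username, password):
    """The fix from the last answer: placeholders in the SQL text, values handed to
    the driver separately, so they are only ever compared as data."""
    query = "SELECT username, password, admin FROM users WHERE username=? AND password=?"
    return _row_to_result(conn.execute(query, (username, password)).fetchone())


def demo():
    """Run a normal login and the injected login against both implementations."""
    conn = make_db()
    return {
        "normal_login": login_concatenated(conn, "alice", "alice-pw"),
        "injected_concatenated": login_concatenated(conn, "dummy", PAYLOAD),
        "injected_parameterized": login_parameterized(conn, "dummy", PAYLOAD),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

With concatenation the first `SELECT` returns nothing (the `1=0`), and the `UNION` supplies a row whose third column is the admin flag, so the caller is treated as `admin` without knowing any password. With the parameterized query the whole payload is compared as the literal password string, no such account exists, and the login fails. The `#` comment trick from the question is MySQL-specific; SQLite, used here, rejects it as a syntax error, which is one reason a defence has to rely on parameterization rather than on blocking particular characters.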

Source: https://habr.com/ru/post/1621251/
