Tuesday, 31 October 2017

Types of SQL Injection



SQL injection is a code injection method, used to attack data-driven applications. This vulnerability allows a hacker to submit crafted input to interfere with the application’s interaction with back-end databases. A hacker may be able to obtain arbitrary data from the application, interfere with its logic, or execute commands on the database server itself.
The following are the three types of SQL injection attacks:
Union-Based SQL Injection
It is the most popular type of SQL injection. This type of attack uses the UNION statement, which is the integration of two select statements, to obtain data from the database.
Error-Based SQL Injection
An error-based SQL injection is the simplest type; but, the only difficulty with this method is that it runs only with MS-SQL Server. In this attack, we cause an application to show an error to extract the database. Normally, you ask a question to the database, and it responds with an error including the data you asked for.
Blind SQL Injection
The blind SQL injection is the hardest type. In this attack, no error messages are received from the database; hence, we extract the data by asking questions to the database. The blind SQL injection is further divided into two kinds:
1. Boolean-based SQL injection
2. Time-based SQL injection
The above techniques can be used to obtain the data in the database by either asking a question or inducing a time delay.

1 comment:

  1. Hello Everyone !

    USA SSN Leads/Fullz available, along with Driving License/ID Number with good connectivity.

    All SSN's are Tested & Verified.

    **DETAILS IN LEADS/FULLZ**

    ->FULL NAME
    ->SSN
    ->DATE OF BIRTH
    ->DRIVING LICENSE NUMBER
    ->ADDRESS WITH ZIP
    ->PHONE NUMBER, EMAIL
    ->EMPLOYEE DETAILS

    *Price for SSN lead $2
    *You can ask for sample before any deal
    *If you buy in bulk, will give you discount
    *Sampling is just for serious buyers

    ->Hope for the long term business
    ->You can buy for your specific states too

    **Contact 24/7**

    Whatsapp > +923172721122

    Email > leads.sellers1212@gmail.com

    Telegram > @leadsupplier

    ICQ > 752822040

    ReplyDelete

Popular Posts


Types of SQL Injection

SQL injection is a code injection method, used to attack data-driven applications. This vulnerability allows a hacker to submit crafte...

Blog Archive