In Depth: SQL Injection
[InDepth#2] Let's dive into SQL Injection, learn how it works, and what we can do with it.
We made it! Here we are with our second In Depth email. It may be a week late, but I’m sure the wait has been worth it. I hope you found last week’s security tip helpful - it’s easy to overlook, but it is important for securing your app. This week, as promised, we’re looking into SQL Injection. I’m very excited for this one, as we’re going to do some actual attacks - not just look at theory and code. I have an interactive demo site up and running (details below), and I hope you have as much fun exploring the various attacks as I did creating them.
While working on this topic, it got me thinking about what I’m trying to achieve with this mailing list. I love the idea of producing more interactive demos to accompany these In Depth emails, so that’s something to look out for in future months1.
Now, before we begin, I need you to promise that the skills I teach you will be used for good, not evil. If you’re here to do evil, stop reading now! 🤫
SQL Injection (SQLi)
What is SQL Injection?
A SQL injection attack consists of insertion or “injection” of a SQL query via the input data from the client to the application. A successful SQL injection exploit can read sensitive data from the database, modify database data (Insert/Update/Delete), execute administration operations on the database (such as shutdown the DBMS), recover the content of a given file present on the DBMS file system and in some cases issue commands to the operating system. SQL injection attacks are a type of injection attack, in which SQL commands are injected into data-plane input in order to affect the execution of predefined SQL commands.
I like to think of SQL injection attacks as modifying or hijacking a query for malicious purposes. They can happen any time the attacker is allowed to control some aspect of the query beyond what the developer is expecting.
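To make that “controls some aspect of the query” idea concrete, here is an added example (mine, not code from the newsletter or its demo site) using Python’s built-in sqlite3 module and a constructed users table: the same lookup written once with string concatenation and once with a bound parameter, so you can see how a quote in the input rewrites the first query’s structure while the second only ever treats the input as data.

```python
import sqlite3

# Constructed sample data for the demonstration (not from the original post).
SAMPLE_USERS = [("alice", "admin"), ("bob", "user"), ("carol", "user")]


def make_db() -> sqlite3.Connection:
    """Create an in-memory database with a small users table."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, role TEXT)"
    )
    conn.executemany("INSERT INTO users (username, role) VALUES (?, ?)", SAMPLE_USERS)
    return conn


def render_vulnerable_sql(username: str) -> str:
    """Build the query the vulnerable version sends, so the structure change is visible."""
    # The untrusted value is pasted straight into the SQL text. A single quote
    # in the input closes the string literal and the rest becomes SQL syntax.
    return f"SELECT username, role FROM users WHERE username = '{username}'"


def find_user_vulnerable(conn: sqlite3.Connection, username: str) -> list:
    """Lookup via string concatenation: the attacker can reshape the WHERE clause."""
    return conn.execute(render_vulnerable_sql(username)).fetchall()


def find_user_safe(conn: sqlite3.Connection, username: str) -> list:
    """Lookup via a bound parameter: the SQL text is fixed before any input arrives."""
    # The driver sends the value separately from the statement, so quotes and
    # keywords in the input are compared as a literal username, never parsed.
    sql = "SELECT username, role FROM users WHERE username = ?"
    return conn.execute(sql, (username,)).fetchall()


if __name__ == "__main__":
    db = make_db()
    hostile = "' OR '1'='1"
    print(render_vulnerable_sql(hostile))          # the rewritten query
    print(find_user_vulnerable(db, "bob"))         # [('bob', 'user')]
    print(find_user_vulnerable(db, hostile))       # every row comes back
    print(find_user_safe(db, hostile))             # [] - compared as plain text
```

The printed rendered query is the quickest way to show a developer why the concatenated form is wrong: the input is no longer inside the string literal.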
There are two main types of SQL injection vulnerabilities: