Difference between revisions of "SQL Injection Examples on Known Vulnerable Web Applications"
VHorvathova (talk | contribs) |
VHorvathova (talk | contribs) |
||
Line 21: | Line 21: | ||
== Overview - Types of SQL injection == | == Overview - Types of SQL injection == | ||
=== In-band SQLi (Classic SQLi) === | === In-band SQLi (Classic SQLi) === | ||
In-band SQL Injection is the most common and easy-to-exploit of SQL Injection attacks. In-band SQL Injection occurs when an attacker is able to use the same communication channel to both launch the attack and gather results [https://www.acunetix.com/websitesecurity/sql-injection2/ [1]]. | In-band SQL Injection is the most common and easy-to-exploit of SQL Injection attacks. In-band SQL Injection occurs when an attacker is able to use the same communication channel to both launch the attack and gather results [https://www.acunetix.com/websitesecurity/sql-injection2/ [1]]. There are two under categories of this SQLi type. | ||
* <b>Error-based SQLi</b> | |||
Error-based SQLi is an in-band SQL Injection technique that relies on error messages thrown by the database server to obtain information about the structure of the database. While errors are very useful during the development phase of a web application, they should be disabled on a live site, or logged to a file with restricted access instead, so that no attacker can see error information displayed directly on the website. | |||
* <b>Union-based SQLi</b> | |||
== DVWA == | == DVWA == |
Revision as of 10:55, 5 January 2022
Summary
This is a documentation of various SQL Injection attacks performed on well-known and also not so popular vulnerable web applications. DRAFT
Requirements
- Operating system:
Methodology
Each example contains a link to the vulnerable web application or to a tutorial how to set it up, unless it is a vulnerable website that is just accessed online. Web applications used:
- BWAPP
- DVWA
- OWASP Juice Shop
- OWASP Mutillidae
- Badstore
- Zero Bank
- Hackxor
- Acuart
- ...
Each web application is listed below in separate chapters, providing some examples of the SQLi. This Wiki also offers a brief overview over the general types of SQL injection, another somewhat different overview can also be found here: SQL Injection.
Overview - Types of SQL injection
In-band SQLi (Classic SQLi)
In-band SQL Injection is the most common and easy-to-exploit of SQL Injection attacks. In-band SQL Injection occurs when an attacker is able to use the same communication channel to both launch the attack and gather results [1]. There are two under categories of this SQLi type.
- Error-based SQLi
Error-based SQLi is an in-band SQL Injection technique that relies on error messages thrown by the database server to obtain information about the structure of the database. While errors are very useful during the development phase of a web application, they should be disabled on a live site, or logged to a file with restricted access instead, so that no attacker can see error information displayed directly on the website.
- Union-based SQLi
DVWA
Acuart
This is a web application created by Acunetix as a test and demonstration site for Acunetix Web Vulnerability Scanner.
Used Hardware
Device to be used with this documentation Maybe another device to be used with this documentation