In this post we are going to look at some basic concepts of SQL injection techniques and methodologies.
- Basic SQL Functions
- SQL Injection Characters
- Types of SQL Injection
- List of Databases
- Automated tools to perform SQL Injection
For more info/Articles about Web Application Security : http://www.sec-art.net/p/web-security.html
Basic SQL Functions
SELECT | read data from the database based on searching criteria |
INSERT | insert new data into the database |
UPDATE | update existing data based on given criteria |
DELETE | delete existing data based on given criteria |
UNION | used to combine the result-set of two or more SELECT statements. |
WHERE | used to extract only those records that fulfill a specified condition. |
Order By | used to sort the result-set in ascending or descending order. |
Limit By | statement is used to retrieve records from one or more tables. |
SQL Injection Characters
Character String Indicators | ' or " |
Multiple-line comment | /*....*/ |
Addition, concatenate (or space in URL) | + |
Single-line comment | # or -- (hyphen hyphen) |
Concatenate | || |
Wildcard attribute indicator | % |
Types of SQL Injection
- Error Based SQL Injection
- Blind SQL Injection
SQL Injection Techniques
- Union Based SQL Injection
- Error Based SQL Injection
- Boolean Based SQL Injection
- Time Based SQL Injection
Where to search for SQL injection vulnerabilities:
- Authentication Page
- Search Fields
- Post Fields
- Get Fields
- HTTP Header
- Cookie
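How the string-indicator and comment characters listed earlier behave when input from an authentication page is concatenated into a query, next to the parameterized form that keeps them as data. This is an added example, not code from the original post; the `users` table, the sample account and the function names are constructed for illustration, and SQLite is used through Python's `sqlite3` module.

```python
import sqlite3

def make_db():
    """In-memory SQLite database holding one constructed sample account."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT, password TEXT)")
    db.execute("INSERT INTO users VALUES ('alice', 's3cret')")
    return db

def login_concat(db, name, password):
    """Weak form: input is pasted into the SQL text, so ' and -- act as syntax."""
    sql = ("SELECT name FROM users WHERE name = '" + name +
           "' AND password = '" + password + "'")
    try:
        return db.execute(sql).fetchone() is not None
    except sqlite3.Error as exc:
        # A stray quote breaks the statement. Returning this message to the
        # client is the signal that error-based injection relies on.
        return "SQL error: %s" % exc

def login_param(db, name, password):
    """Hardened form: placeholders keep every input character as data."""
    sql = "SELECT name FROM users WHERE name = ? AND password = ?"
    return db.execute(sql, (name, password)).fetchone() is not None

if __name__ == "__main__":
    db = make_db()
    # Constructed inputs: valid login, wrong password, quote plus comment,
    # and an ordinary name that happens to contain a quote.
    cases = [("alice", "s3cret"), ("alice", "wrong"),
             ("alice' --", "wrong"), ("o'brien", "x")]
    for name, pw in cases:
        print(repr(name), "| concat:", login_concat(db, name, pw),
              "| param:", login_param(db, name, pw))
```

In the concatenated version the quote closes the string and the comment discards the password check, while a lone quote produces a database error; the parameterized version rejects both inputs as ordinary failed logins.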
List of Databases
- MySQL (open source)
- MSSQL
- MS-ACCESS
- Oracle
- PostgreSQL (open source)
- SQLite
Automated tools to perform SQL Injection:
- sqlmap
- sqlninja