This is a theoretical post about types of SQL Injection attacks and the concepts behind SQL Injection. I have added this here since so far we had been dealing with URLs, and will continue to do so. For the attacker, there is no direct way to write complete queries and he/she may only make changes to the URL or input form. However, the knowledge of MySQL (or any other DBMS) part of the attack is necessary, since it will be required when you deal with more robust websites where the standard attacks won't work and you need to get creative. Before reading this post, I recommend these 3:-
Showing posts with label escape sequence. Show all posts
Showing posts with label escape sequence. Show all posts
Tuesday, February 17, 2015
SQL Injection Intermediate Level
This is a theoretical post about types of SQL Injection attacks and the concepts behind SQL Injection. I have added this here since so far we had been dealing with URLs, and will continue to do so. For the attacker, there is no direct way to write complete queries and he/she may only make changes to the URL or input form. However, the knowledge of MySQL (or any other DBMS) part of the attack is necessary, since it will be required when you deal with more robust websites where the standard attacks won't work and you need to get creative. Before reading this post, I recommend these 3:-
