SQL injection (SQLi)


What is SQL Injection?

SQL Injection (SQLi) is a type of cyberattack in which an attacker supplies specially crafted input to a web application so that it becomes part of the SQL query the application sends to its database. The root cause is building queries by pasting user input into the SQL text instead of binding it as a parameter: the input is then parsed as part of the query, and the attacker can change what the query does to read, modify or delete data, bypass logins, or, depending on the database, gain administrative control of the server.

Any input that reaches a query can be affected. It is most often found in web forms, login pages and search fields, but URL parameters, cookies and HTTP headers are just as exposed if the application concatenates them into SQL.

SQL injection is one of the most common ways that web applications are hacked. It is listed in the OWASP Top 10 under the Injection category as one of the most critical types of web app vulnerability, and it has been behind major breaches such as the 2015 TalkTalk breach.

How does SQL Injection work?

In a typical SQL injection, the attacker enters a specially crafted string into a form input (like a username or search box). If the application builds its query by concatenating that string into the SQL text rather than binding it as a parameter, the characters in the string (a quote to close the literal, a comment sequence, an OR or UNION clause) are read as SQL syntax and change the logic of the query.

For example, instead of just checking for a valid username and password, the query might be manipulated to match every user or to cut the password check off with a comment, bypassing authentication. More advanced injections can append a UNION clause to read other tables, dump the whole database, escalate privileges or, on database servers that expose such features, execute operating system commands.
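The following is an added example, not code from the original page or from Intruder: a login check and a product search written the vulnerable way (string concatenation), the payloads that subvert them, and the same two functions written with parameterised queries. The in-memory SQLite database, the table names and the sample users are constructed for the example. Passwords are stored in plain text purely to keep the demo short; real applications store password hashes.

```python
import sqlite3

# Constructed sample database for this example (not from the original page).
# Passwords are stored in plain text only to keep the demo short; real
# applications store password hashes.
def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password TEXT)")
    conn.execute("CREATE TABLE products (id INTEGER PRIMARY KEY, name TEXT)")
    conn.executemany("INSERT INTO users (username, password) VALUES (?, ?)",
                     [("alice", "correct horse"), ("bob", "hunter2")])
    conn.executemany("INSERT INTO products (name) VALUES (?)",
                     [("widget",), ("gadget",)])
    return conn


def login_vulnerable(conn, username, password):
    """Authentication check that splices user input straight into the SQL text."""
    query = ("SELECT username FROM users WHERE username = '" + username
             + "' AND password = '" + password + "'")
    row = conn.execute(query).fetchone()
    return row[0] if row else None


def search_vulnerable(conn, term):
    """Product search built the same way; a UNION lets an attacker read other tables."""
    query = "SELECT name FROM products WHERE name LIKE '%" + term + "%'"
    return [r[0] for r in conn.execute(query).fetchall()]


def login_safe(conn, username, password):
    """Same check using a parameterised query: the driver passes the values
    separately from the SQL, so input can never change the query's structure."""
    row = conn.execute(
        "SELECT username FROM users WHERE username = ? AND password = ?",
        (username, password),
    ).fetchone()
    return row[0] if row else None


def search_safe(conn, term):
    """Parameterised search; the wildcard characters are added to the bound value."""
    pattern = "%" + term + "%"
    return [r[0] for r in conn.execute(
        "SELECT name FROM products WHERE name LIKE ?", (pattern,)).fetchall()]


if __name__ == "__main__":
    db = make_db()
    # The comment sequence cuts the password check off the end of the query.
    print(login_vulnerable(db, "alice' --", "wrong"))          # alice
    # An always-true OR clause matches every row; the first user comes back.
    print(login_vulnerable(db, "nobody", "' OR '1'='1"))       # alice
    # UNION appends every username/password pair to the search results.
    print(search_vulnerable(db, "x%' UNION SELECT username || ':' || password FROM users --"))
    # The parameterised versions treat the same strings as literal data.
    print(login_safe(db, "alice' --", "wrong"))                # None
    print(search_safe(db, "x%' UNION SELECT username || ':' || password FROM users --"))  # []
```

The payloads are tuned to SQLite's syntax; on MySQL the comment sequence is `-- ` with a trailing space (or `#`), and the exact string needed depends on where in the query the input lands. The fix does not: binding values as parameters works the same way on every database driver and is the primary defence, with input validation and least-privilege database accounts as additional layers rather than substitutes.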

What are the main risks associated with SQL injection vulnerabilities?

The main potential risks of a SQL injection attack are:

  • Bypassing authentication, for example logging in as another user without their password
  • Extraction of data from the system's database, such as usernames, password hashes and personal or payment data
  • Reading, modifying and deleting content within the database
  • Remote execution of code on the database server, where the database exposes command execution or file-writing features, leading to full control over the server

What’s the difference between XSS and SQLi?

Cross-site Scripting (XSS) and SQLi are both injection attacks: in each case the application mixes attacker-controlled input into something that is later interpreted as code. With SQLi, the input is interpreted by the database, so the target is the website's data and the server behind it. With XSS, the input is interpreted by the browser as script, so the target is the other users who view the page.

How to test for SQL Injection

Vulnerability scanners like Intruder's SQL Injection Scanner check applications for SQLi vulnerabilities. These tools send injection payloads into each input and analyse the application's responses for signs that the payload reached the database: leaked database error messages, differences in page content between an always-true and an always-false condition, or delays when a time-based payload is used.

Intruder’s scanner crawls your web app and tests for unsafe handling of user inputs. It highlights vulnerable endpoints and provides clear remediation advice to help fix them fast.
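To make the detection techniques above concrete, here is an added example that is not part of the original page and not Intruder's code: an error-based probe (inject a lone quote and look for a database error) and a boolean-based differential probe (compare responses to `AND 1=1` and `AND 1=2`), run against a constructed stand-in for the application under test. The "endpoint" is a Python function backed by an in-memory SQLite table; a real scanner would put the payloads into HTTP parameters and compare response bodies.

```python
import sqlite3

# Constructed stand-in for the web application under test (not part of the
# original page). A real scanner would send HTTP requests with the payload in a
# parameter and compare response bodies; here the "endpoint" is a function that
# returns the page text.
def _make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE products (id INTEGER PRIMARY KEY, name TEXT)")
    conn.executemany("INSERT INTO products VALUES (?, ?)", [(1, "widget"), (2, "gadget")])
    return conn

CONN = _make_db()


def endpoint_vulnerable(product_id: str) -> str:
    """Numeric parameter concatenated into the query (no quote needed to break out).
    The verbose error page leaks database errors, as many misconfigured apps do."""
    try:
        rows = CONN.execute("SELECT name FROM products WHERE id = " + product_id).fetchall()
    except sqlite3.Error as e:
        return "Database error: " + str(e)
    return "Product: " + rows[0][0] if rows else "Not found"


def endpoint_safe(product_id: str) -> str:
    """Input validated as an integer and bound as a query parameter."""
    try:
        pid = int(product_id)
    except ValueError:
        return "Not found"
    rows = CONN.execute("SELECT name FROM products WHERE id = ?", (pid,)).fetchall()
    return "Product: " + rows[0][0] if rows else "Not found"


# Fragments that commonly appear in leaked database error messages; the first
# is the marker used by the constructed error page above.
ERROR_MARKERS = ("Database error", "syntax error", "unrecognized token",
                 "You have an error in your SQL syntax", "ORA-", "SQLSTATE")


def probe_error_based(endpoint, base_value: str) -> bool:
    """Inject a lone quote and look for a database error in the response."""
    resp = endpoint(base_value + "'")
    return any(marker in resp for marker in ERROR_MARKERS)


def probe_boolean_based(endpoint, base_value: str) -> bool:
    """Differential test: append an always-true and an always-false condition.
    If the true one leaves the page unchanged while the false one alters it,
    the database evaluated the condition, so input reaches the query unescaped."""
    baseline = endpoint(base_value)
    true_resp = endpoint(base_value + " AND 1=1")
    false_resp = endpoint(base_value + " AND 1=2")
    return true_resp == baseline and false_resp != baseline


def scan(endpoint, base_value: str) -> dict:
    """Run both probes and report which techniques flagged the parameter."""
    return {
        "error_based": probe_error_based(endpoint, base_value),
        "boolean_based": probe_boolean_based(endpoint, base_value),
    }


if __name__ == "__main__":
    print("vulnerable:", scan(endpoint_vulnerable, "1"))  # both True
    print("safe:      ", scan(endpoint_safe, "1"))        # both False
```

Two caveats a practitioner would apply before trusting a result. The boolean probe compares whole responses, so pages containing timestamps, CSRF tokens or other per-request content must be normalised first or every parameter looks "different". And a hit from either probe is a strong indicator, not proof: confirm it by extracting something specific (a version string or a row count) before reporting it as exploitable.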

How does Intruder’s SQL injection scanner work?

The first thing you need to do is add your applications as targets by entering the IP addresses or URLs. You can then kick off your first scan in just a few clicks – it’s that simple!

Once your scan is complete, you will see a list of issues. You can search for ‘SQL injection’ in the search bar to see if this type of vulnerability is present, and if so, which target(s) it affects.

Get started today with a 14-day free trial.