I’m trying to learn for my Science class and I’m stuck. Can you help?
Having an unsecured website on the internet when it comes to code vulnerability assessments not being completed or unsanitized form fields on the websites can leave a huge hole for hackers to jump right in and completely mess up any SQL tables running on the database server or even attack the servers themselves.
By allowing SQL commands to be sent through the form fields (obviously not on purpose, but by oversight), the attacker can just type in an SQL query to check if the form is vulnerable to SQL insertion. In a guide written by Haroon Meer, he would input something like:
blah’ OR 1=1—
and if the form or web page returned an error that looked like:
Microsoft OLE DB Provider for SQL Server error ‘80040e14’
Unclosed quotation mark before the character string ” and Password=”.
/login.asp, line 40
then the attacker knows that the form did not sanitize form fields and allowed SQL to pass through to the SQL database. Now the attacker would easily be able to continue sending commands through the form field to login as different users or create accounts, give it administrator access, then either steal everyone’s information or wreak havoc by deleting all of the tables.
This short guide (citation below) had a very short but easy to read guide on how to test a website for SQL insertion vulnerabilities and then how to try logging in as an administrator and then how to read tables and gather usernames. This certainly helped explain it a bit better than the CEH handbook!
Meer, H. (n.d.). SQL Insertion. Retrieved June 16, 2019, from https://www.cgisecurity.com/lib/SQLinsertion.htm