What is SQL?
SQL stands for Structured Query Language.
SQL can:
- execute queries against a database
- retrieve data from a database
- insert new records in a database
- delete records from a database
- update records in a database
RDBMS:
Almost all SQL databases are based on the RDBM (Relational Database Model). One important fact for SQL injection:
Amongst Codd's 12 rules for a truly relational database system:
4. Metadata (data about the database) must be stored in the database just as regular data is. (For reference, E. F. Codd's rules are given in the MSBTE 2nd year diploma IT book.)
Therefore, database structure can also be read and altered with SQL queries.
How to find sites vulnerable to SQL injection: to find vulnerabilities, the "magical quote" is used, as it closes the string parameter.
ASP/MS SQL Server login syntax (if the query returns something, then login!):
var sql = "SELECT * FROM users WHERE login = '" + formusr + "' AND password = '" + formpwd + "'";
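The login query above, placed beside a parameterized form, as an added example that is not part of the original slides. It assumes Python's built-in sqlite3 in place of ASP/MS SQL Server; the table contents, account names and function names are constructed for illustration.

```python
import sqlite3

def make_db():
    """In-memory users table with constructed sample accounts (not from the page).
    Plaintext passwords only mirror the page's query; real systems store hashes."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (login TEXT, password TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?)",
                   [("alice", "pw1"), ("o'brien", "s3cret")])
    return db

def login_concat(db, formusr, formpwd):
    """The page's pattern: form values are pasted into the SQL text."""
    sql = ("SELECT * FROM users WHERE login = '" + formusr +
           "' AND password = '" + formpwd + "'")
    return db.execute(sql).fetchone() is not None

def login_param(db, formusr, formpwd):
    """Hardened form: placeholders keep form values out of the SQL text."""
    sql = "SELECT * FROM users WHERE login = ? AND password = ?"
    return db.execute(sql, (formusr, formpwd)).fetchone() is not None

def quote_probe(db, login_fn):
    """Regression check: does a quote inside a legitimate login reach the SQL parser?"""
    try:
        login_fn(db, "o'brien", "s3cret")
        return "data"    # the quote stayed inside the value
    except sqlite3.OperationalError:
        return "syntax"  # the quote closed the string literal and broke the statement

if __name__ == "__main__":
    db = make_db()
    for fn in (login_concat, login_param):
        print(fn.__name__, "->", quote_probe(db, fn))
```

A check like quote_probe can run in a test suite against every query-building function, so that a concatenated query is caught before release.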
60% of Indian websites are vulnerable to SQL injection.
30% are vulnerable to Acunetix.
10% are secured, but with regrets.
Sites hacked through SQL. Only for study use; not to be accessed, as per Indian cyber laws.
NASA HACKED
THE DE-FACEMENT.