Thursday, 24 January 2013

sql injection





hi friends abhilash here

in this post you will learn some basic of sql injection

at first  what is SQL and SQLi ?


SQL is the shot for "structured query language".This language is needed to communicate with the database .                                                        

 A query is a set of instruction sent to the database which searches the   corresponding data in the database.


SQLi is a hacking technique use to use the database without any authorization



there are many ways of finding SQLi vulnerable site 

you can search using dorks that i have posted before

now i will demonstrate a simple example of SQL injection

let see an example

 http://www.xyz.com/details.php?id=10

now we have to check the site is vulnerable or not by just adding a single quote at the last of the url 

now the url becomes  

http://www.xyz.com/details.php?id=10'

if you find some data is missing on the page than that site is vulnerable to

 SQL injection 

an SQLi vulnerable site looks like this
























No comments:

Post a Comment

Bottom Navi

copyright Encyberpedia. Powered by Blogger.

Followers

like Encyberpedia on Facebook

About

I am Abhilash Naik.Ilove writing blogs on technology and web designing .

About

Tips,Tricks,Hacks,Internet

Total Pageviews