SQL Injection

SQL Injection is also know as HTML Injection. Passing SQL queries in the Addreess bar with the intend to break out the system. This is to check the site vulnerability. You may think while we doing the SQL injection how we will find out the site is vulnerable or not.
While passing this SQL injection. if we found any of this below means its be a bug
* should not display the records(index.asp?–Select * from sales). it should not display the sales record in the front end page
*should not show any Database name
* should not show any table name
* should not show any column name
* should not show any constraints(Primary key/foregin key names)

In real world Hackers can enter in to the site by passing SQL injection and do according to their needs. if any above issue they got they can easily enter in to the site and hack it.

Leave a Reply

Your email address will not be published. Required fields are marked *