Questions tagged [sql-injection]

SQL injection is a code injection technique, used to attack data-driven applications, in which malicious SQL statements are inserted into an entry field for execution (e.g. to dump the database contents to the attacker).

SQL injection exploits a vulnerability found in applications that build SQL queries from untrusted input. It lets an attacker run SQL of their own choosing against the database through ordinary user input, for example to extract, alter or delete sensitive data, or to bypass an authentication check.

The vulnerability is present when user input is concatenated directly into the SQL text instead of being passed as a bound parameter (a prepared statement) or properly escaped (also called "sanitized", e.g. by escaping quote characters). It arises primarily from application code that assembles queries by string concatenation, not from the database engine itself. Parameterization is the reliable fix; escaping is the weaker defence because it only protects string literals, so identifiers (table and column names) and unquoted numeric clauses such as LIMIT still need an allow-list, and character-set edge cases have defeated escaping routines in the past.

See the famous example, the Bobby Tables incident, and the answer to the community wiki question How can I prevent SQL injection in PHP?
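The contrast the wiki describes, string concatenation versus bound parameters, as an added example that is not part of the original tag wiki. It uses Python's standard-library sqlite3 module against a constructed in-memory users table (the table, the two accounts and the payloads are assumptions for the demonstration). The concatenated query lets the classic `' OR 1=1--` payload bypass the password check, a LIMIT/OFFSET variant picks a specific row, and the parameterized query treats the same input as a plain string and matches nothing. It also shows a caveat worth remembering when testing: a stacked `'; DROP TABLE ...; --` payload fails here because sqlite3 refuses more than one statement per execute() call, even though the code is injectable.

```python
import sqlite3

# Constructed payloads (assumptions for this demonstration, not from the page).
ATTACK_ANY_USER = "' OR 1=1--"
ATTACK_SECOND_ROW = "' OR 1=1 LIMIT 1 OFFSET 1--"
ATTACK_STACKED = "data'; DROP TABLE users; --"


def make_db():
    """Constructed in-memory sample database with two users."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password TEXT)"
    )
    conn.executemany(
        "INSERT INTO users (username, password) VALUES (?, ?)",
        [("alice", "s3cret"), ("bob", "hunter2")],
    )
    conn.commit()
    return conn


def login_vulnerable(conn, username, password):
    """Vulnerable: the input is spliced into the SQL text, so quotes and
    comment markers in it are parsed as SQL by the database."""
    sql = (
        "SELECT username FROM users WHERE username = '" + username
        + "' AND password = '" + password + "'"
    )
    return [row[0] for row in conn.execute(sql).fetchall()]


def login_parameterized(conn, username, password):
    """Fixed: the SQL text is constant and the values are bound separately,
    so the driver never parses the input as SQL."""
    sql = "SELECT username FROM users WHERE username = ? AND password = ?"
    return [row[0] for row in conn.execute(sql, (username, password)).fetchall()]


def stacked_statement_rejected(conn):
    """sqlite3 allows only one statement per execute(), so the stacked DROP
    payload raises instead of running. A failed DROP test therefore proves
    nothing about injectability; the OR 1=1 payloads still work."""
    try:
        login_vulnerable(conn, ATTACK_STACKED, "x")
    except (sqlite3.Warning, sqlite3.ProgrammingError):
        return True
    return False


def demo():
    conn = make_db()
    return {
        # Legitimate credentials work either way.
        "legit_vulnerable": login_vulnerable(conn, "alice", "s3cret"),
        "legit_parameterized": login_parameterized(conn, "alice", "s3cret"),
        # ' OR 1=1-- comments out the password check and matches every row.
        "attack_vulnerable": login_vulnerable(conn, ATTACK_ANY_USER, "x"),
        # The same bytes bound as a parameter are just an unknown username.
        "attack_parameterized": login_parameterized(conn, ATTACK_ANY_USER, "x"),
        # LIMIT 1 OFFSET 1 selects the second row instead of the first.
        "second_row_vulnerable": login_vulnerable(conn, ATTACK_SECOND_ROW, "x"),
        "stacked_rejected": stacked_statement_rejected(conn),
        # The table survived the stacked payload.
        "table_intact": login_parameterized(conn, "bob", "hunter2"),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

Parameters cover values only: a column name or ORDER BY target taken from the client (as in the Web API question on this page) cannot be bound and must be checked against an allow-list of known identifiers instead.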

3768 questions
1 vote, 2 answers

How to execute query on hive with jinjasql

Is it possible to execute a query for Hive using jinjasql and pyhive? When I tried it I got the following error. pyhive.exc.ProgrammingError: Unsupported param format: odict_values(['XXXXXXX']) I can execute a query with jinjasql as well as with pyhive…
1 vote, 1 answer

ActiveRecord complex where clause without sql injection

I'm building a search for my website and I'm trying to use the search query by splitting it to terms and then search by subcategory or short_description: whereQuery = '' declared(params).search.downcase.split(' ').each_with_index do |searchTerm,…
itzikos
1 vote, 1 answer

SQL injection for Stored Procedure

I'm evaluating the possibility of doing SQL injection against my SP. I have tried using this to do SQL injection but didn't manage to inject (meaning the injection text was inserted into the table as normal): data'; DROP TABLE my_table; -- How should I…
xzk
1 vote, 1 answer

Avoiding SQL injection in Web API query string parameters

We have an ASP.NET Web API controller that accepts a comma-delimited string of database column names from the query string. This string of column names is checked to ensure only alpha characters, underscores, and commas are present in the string; no…
DenaliHardtail
1 vote, 1 answer

Confirming a reported vulnerability in ZAP (SQL Injection authentication bypass)

I need to manually confirm the following... how do I go about it? I have tried putting the parameter as the login name and the ZAP AND 1=1-- as the password in the form.... this doesn't work. Do I even use the login form or do I use the URL and…
Joe C
1 vote, 1 answer

Protect a dynamically generated SQL query from SQL injections. C#

For example, I have some sample code below. updateData(Dictionary data){ string strTemp = string.Empty; foreach(KeyValuePair values in data){ strTemp = values.Key + "='" values.Value + "',"; } …
Neema
1 vote, 3 answers

SQL login injection, selecting the second row

I have this sample PHP code that I want to demonstrate SQL injection with. I have been able to log in using ' or 1=1-- but it selects the first row. I want to select the second user. My table has only two users. Now I want to base my injection with the…
1 vote, 1 answer

Java SQL Injection - MySQLSyntaxErrorException

I am attempting to SQL inject one of my applications for a write up that I need to do for a project. I have used the following statement: Statement statement = conn.createStatement(); String insertTableSQL = "INSERT INTO activity (activity_name,…
jackabe
1 vote, 1 answer

How to exploit my PHP code with SQL Injection

I am working on a project where we have to write a login page with PHP and then exploit it using SQL injection, before fixing the vulnerability. So far I've written the login page, which connects to a database and does a lookup to see if a user…
Connor J
1 vote, 1 answer

One of our users visited different URLs in my website

I have an affiliate website. I am monitoring which websites users are visiting. For the first time I have noticed a user is visiting the following URLs on my website, which I guess is some kind of hacking attempt. I need help. Constantly my website is…
1 vote, 1 answer

How do I add parameters to a bulk insert statement to protect against SQL injection and increase performance?

I am importing a file from a user on the web that contains 150K rows and has to be broken up resulting in about 1.6M items that will be added to the database. At the moment I add the primary record first and then add the children after with the key…
Middletone
1 vote, 2 answers

Is this code anti mysql injection?

I got this example from one website, and I am about to upgrade the security of my code. So may I have your opinion on whether this kind of code is strong enough to prevent injection? $sql = sprintf( " INSERT INTO `members` (`id`, `username`,…
Wilf
1 vote, 0 answers

Second Order SQL Injection - PreparedStatement

The following section of my code is raising concern in "Second-Order SQL Injection". private String function1 (String var1) { String sql = "SELECT field1 FROM table1 WHERE field2 = ?"; PreparedStatement ps = null; ResultSet resultSet =…
1 vote, 4 answers

How can I prevent SQL injection but keep " and '?

How do I prevent SQL injection in PHP but still show " and '? At the moment I am using $input = strip_tags($input); $input = htmlentities($input); However the output is \" and \'. Is there any way I can show " and ' without the slashes but keep them…
Yesterday
1 vote, 3 answers

Connecting directly to database with credentials in SQLMap

I have the credentials of a TARGET website database, and SQLMap claims that you can connect to the database directly. Here are my commands on SQLMap in Kali Linux: sudo sqlmap -d mysql://USER:PASSWORD@TARGET_IP:MySQL_Port/DATABASE example sudo sqlmap…
CatChMeIfUCan