|

SQL injection can be classified into three major categories – In-band SQLi, Inferential SQLi and Out-of-band SQLi. In this article we shall be exploring In-band SQL Injection.

In-band SQLi (Classic SQLi)

In-band SQL injection is the most common and easy-to-exploit of SQL injection attacks. In-band SQL injection occurs when an attacker is able to use the same communication channel to both launch the attack and gather results.

The two most common types of in-band SQL injection are Error-based SQLi and Union-based SQLi.

Error-based SQLi

Error-based SQLi is an in-band SQL injection technique that relies on error messages thrown by the database server to obtain information about the structure of the database. In some cases, error-based SQL injection alone is enough for an attacker to enumerate an entire database. While errors are very useful during the development phase of a web application, they should be disabled on a live site, or logged to a file with restricted access instead.

Union-based SQLi

Union-based SQLi is an in-band SQL injection technique that leverages the UNION SQL operator to combine the results of two or more SELECT statements into a single result which is then returned as part of the HTTP response.

Part 1

SQLi: How it works

Part 2

What’s the worst an attacker can do with SQL?

Part 3

The anatomy of an SQL Injection attack

Part 4

In-band SQLi (Classic SQLi)

Part 5

Inferential SQLi (Blind SQLi)

Part 6

Out-of-band SQLi

Get the latest content on web security
in your inbox each week.

We respect your privacy

SHARE THIS POST
THE AUTHOR
Ian Muscat

Ian Muscat used to be a technical resource and speaker for Acunetix. More recently, his work centers around cloud security and phishing simulation.

Related Posts:

Most Popular Articles: