Structured Query Language (SQL) Injection

Structured Query Language (SQL; pronounced “sequel”) injection is an attack designed to exploit applications that access data stored in a database. Users and applications access database data through SQL statements. By supplying, or injecting, specially crafted input data, an attacker forces the SQL engine to execute commands that the application developer did not intend. These malicious SQL commands can force the application to reveal restricted information or even carry out unintended commands. Here’s what you need to know about SQL injection:

  • SQL injection is an exploit in which the attacker “injects” SQL code into an input box, form, or network packet with the goal of gaining unauthorized ...
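The mechanism described above, shown as an added example that is not from the book: the same lookup written with string concatenation and with a bound parameter, run against an in-memory SQLite database. The table, column names, sample rows and input string are all constructed for illustration.

```python
import sqlite3

def make_db():
    """Build an in-memory database holding constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE accounts (username TEXT, owner_note TEXT)")
    conn.executemany(
        "INSERT INTO accounts VALUES (?, ?)",
        [("alice", "alice's private note"), ("bob", "bob's private note")],
    )
    return conn

def lookup_vulnerable(conn, username):
    # Vulnerable: the input is pasted into the SQL text, so a quote character
    # in it ends the string literal and whatever follows is parsed as SQL.
    query = ("SELECT username, owner_note FROM accounts "
             "WHERE username = '" + username + "'")
    return conn.execute(query).fetchall()

def lookup_parameterized(conn, username):
    # Hardened: the statement text is fixed. The input is bound as a value,
    # so it is only compared against the column and never parsed as SQL.
    query = "SELECT username, owner_note FROM accounts WHERE username = ?"
    return conn.execute(query, (username,)).fetchall()

def demo():
    """Run both lookups with an ordinary name and with crafted input."""
    conn = make_db()
    crafted = "nobody' OR '1'='1"  # constructed input containing SQL syntax
    return {
        "normal_vulnerable": lookup_vulnerable(conn, "alice"),
        "normal_parameterized": lookup_parameterized(conn, "alice"),
        "crafted_vulnerable": lookup_vulnerable(conn, crafted),
        "crafted_parameterized": lookup_parameterized(conn, crafted),
    }

if __name__ == "__main__":
    for name, rows in demo().items():
        print(f"{name}: {len(rows)} row(s)")
```

With the crafted input, the concatenated query returns every row in the table because the WHERE clause has been rewritten, while the parameterized query returns none because no account has that literal username.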
