Chapter 2: Manipulating SQL – Exploiting SQL Injection

After dealing more generally with Structured Query Language (SQL) and its characteristics and peculiarities, we are now focusing more on the main crux of this book: the injection vulnerability. We've already seen, in a broader sense, what SQL injection is, and gave a glimpse of what could be done with it, and why.

In this chapter, as a follow-up to the previous one, we are continuing with the theoretical approach to the matter, getting more in touch with the practical aspects of SQL injection attacks. This chapter includes, in fact, examples of input strings that could be used for triggering SQL injection for many different purposes.

This chapter will lay the foundation for the practical ...

Get SQL Injection Strategies now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

SQL Injection Strategies by Ettore Galluccio, Edoardo Caselli, Gabriele Lombari

Chapter 2: Manipulating SQL – Exploiting SQL Injection

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly