Home 0P3N Blog SQL Injection: Best Practices and Projects
Ready to Start Your Career?
Create Free Account
Romansh Yadavs profile image
By: Romansh Yadav
January 16, 2017

SQL Injection: Best Practices and Projects

By: Romansh Yadav
January 16, 2017
Romansh Yadavs profile image
By: Romansh Yadav
January 16, 2017
sql-injectionEstimated reading time: 1.5 minutesHello everyone,Most people think that they know SQL injection. Some people may think that SQL injection is limiting in how it passes the login form. But, SQL injection covers a large area of research.First, let's take a look it what SQL injection is.Well, SQL injection is a way or technique that can fool the server. All we need to know is how the server side programming is communicating with the server.Once we find this information, we know it is between 40-50%. When we open any website it works in this way.
  • client->DNS->Server-> then server response goes straight to the client.
  • responce: server->client.
Then, after that, our communication starts in a new way.
  • client->server (DNS not required because we already have the IP)
Next, if the website has a database, we will want to log in. Then our communication will work in this way.
  • client->server->database
response;
  • database->server->client.
Next, we need to realize the server that we are sending the information to so that it passes it to the correct server. Then the server will provide us the response.As in a query  ‘or 1=1’, there are many techniques to realize that we are passing the true information.Now, some of you may say, "I want to learn SQL Injection, but I'm not able to find quality practice projects." My recommendation is download the bricks project (http://sechow.com/bricks/download.html).Caution -Be careful when using the servers. Choose the correct one - I suggest uwamp.  It provides an auto configuration with uwamp. If you want to use the xammp or wamp then we have to configure the username and password of that project.http://www.uwamp.com/en/?page=download.I hope this information will help to make you an expert.Thank you and best regards.
Schedule Demo

Build your Cybersecurity or IT Career

Accelerate in your role, earn new certifications, and develop cutting-edge skills using the fastest growing catalog in the industry