SQL injection attack
SQL injection is a code injection technique that exploits a security vulnerability occurring in the database layer of an application. The vulnerability is present when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and thereby unexpectedly executed.
Forms of vulnerability
Incorrectly filtered escape characters: occurs when user input is not filtered for escape characters and is then passed into an SQL statement which results in the potential manipulation of the statements performed on the database by the end user of the application.
Incorrect type handling:
It occurs when a user supplied field is not strongly typed or is not checked for type constraints.
Vulnerabilities inside the database server:
vulnerabilities that can exist within the database server software itself, would allow an attacker to perform a successful SQL injection attack based on bad Unicode characters even if the user's input is being escaped.
Blind SQL injection:
It is is used when a web application is vulnerable to an SQL injection but the results of the injection are not visible to the attacker.
Preventing SQL injection
The main defense is user input must not directly be embedded in SQL statements. user input must be carefully escaped or filtered or parameterized statements must be used.
for more details, refer:
http://en.wikipediawiki/SQL_injection
[attachment=3086]
