Sql injection, DOT NET Programming

What is SQl injection?

This is a Form of attack on the  database-driven Web site in which the attacker executes the unauthorized SQL commands by taking merits of insecure code on a system connected to the Internet, or bypassing the firewall. The SQL injection attacks are always used to steal the information from a database from which the data would normally not be available and/or to gain access to an organization's host computers through the computer which is hosting the database.

The SQL injection attacks typically are simple to avoid by ensuring that a system has strong input validation.

As the name suggest we inject SQL which can be relatively dangerous for the database.

For Example this is a simple SQL

SELECT email, passwd, login_id, full_name

 FROM members

WHERE email = 'x'

Now someone does not put "x" as the input but puts "x ; DROP TABLE members;". So the actual SQL which will execute is :-

SELECT email, passwd, login_id, full_name

 FROM members

 WHERE email = 'x' ; DROP TABLE members;

Posted Date: 9/24/2012 3:22:41 AM | Location : United States







Related Discussions:- Sql injection, Assignment Help, Ask Question on Sql injection, Get Answer, Expert's Help, Sql injection Discussions

Write discussion on Sql injection
Your posts are moderated
Related Questions
what is timer control

Print Triangle in Reverse Pattern - C# Program Need the code of C# Program for Print Triangle in Reverse Pattern.

What is Query String and what are their benefits and limitations? The query string is the information sent to the server appended to the end of a page URL. The benefits of u

What are the different elements in Functions points? 1) Internal Logical Files (ILF): Following are some points to be noted for ILF:- The ILF are logically related d

How to Creating a Key Pair ? You can create a key pair using the Strong Name tool (Sn.exe). Key pair files usually have an .snk extension. To create a key pair At the comman

How can you use Hidden frames to cache client data? This technique is implemented by developing a Hidden frame in page which will have your data to be cached. T cols="100

Change an web Admin panel into multilingual admin panel Project Description: Hello, We have already built a admin panel where only English is the presently supported language

Project Description: The website should be CMS based; coding done only on ASP, MySql databases, .net script, aspx and java use with least of the flash work. We will be sharing j

How can we implement singleton pattern in .NET ? The Singleton pattern basically focuses on having one and only one instance of the object running. Lets take an e.g. a windows

What is a host process? A host process is an implementable program that hosts a workflow. It might be a Windows Forms application, a Web application, or a Web service applicati