SQL injection, DOT NET Programming

What is SQL injection?

SQL injection is a form of attack on a database-driven web site in which the attacker executes unauthorized SQL commands by taking advantage of insecure code on a system connected to the Internet, or by bypassing the firewall. SQL injection attacks are used to steal information from a database from which the data would normally not be available, and/or to gain access to an organization's host computers through the computer that is hosting the database.

SQL injection attacks are typically simple to avoid by ensuring that a system has strong input validation.

As the name suggests, the attacker injects SQL, which can be dangerous for the database.

For example, this is a simple SQL query:

SELECT email, passwd, login_id, full_name
  FROM members
 WHERE email = 'x'

Now suppose someone does not supply "x" as the input but instead supplies "x ; DROP TABLE members;". The SQL that actually executes is:

SELECT email, passwd, login_id, full_name
  FROM members
 WHERE email = 'x' ; DROP TABLE members;
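An added example, not part of the original post, showing the members query built by string concatenation next to the same query with a bound parameter and input validation in front of it. It uses Python's standard-library sqlite3 module so it runs without a database server; the table rows, function names and e-mail addresses are constructed for illustration.

```python
import re
import sqlite3

# Conservative allow-list for e-mail input (an assumption, not a full RFC check).
EMAIL_RE = re.compile(r"[A-Za-z0-9._%+'-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")

def make_db():
    """In-memory members table with constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE members "
               "(email TEXT, passwd TEXT, login_id TEXT, full_name TEXT)")
    db.executemany("INSERT INTO members VALUES (?, ?, ?, ?)", [
        ("alice@example.com", "<hash>", "alice", "Alice Example"),
        ("o'neil@example.com", "<hash>", "oneil", "Pat O'Neil"),
    ])
    return db

def lookup_concatenated(db, email):
    """Vulnerable pattern: the input becomes part of the SQL text itself."""
    sql = ("SELECT email, passwd, login_id, full_name "
           "FROM members WHERE email = '" + email + "'")
    return db.execute(sql).fetchall()

def lookup_bound(db, email):
    """Hardened pattern: fixed SQL text, input passed as a bound parameter."""
    sql = ("SELECT email, passwd, login_id, full_name "
           "FROM members WHERE email = ?")
    return db.execute(sql, (email,)).fetchall()

def find_member(db, email):
    """Input validation first, then the bound query."""
    if len(email) > 254 or not EMAIL_RE.fullmatch(email):
        raise ValueError("not a plausible e-mail address")
    return lookup_bound(db, email)

def members_table_exists(db):
    row = db.execute("SELECT count(*) FROM sqlite_master "
                     "WHERE type = 'table' AND name = 'members'").fetchone()
    return row[0] == 1

if __name__ == "__main__":
    db = make_db()
    page_input = "x ; DROP TABLE members;"  # the input quoted above
    print(lookup_bound(db, page_input), members_table_exists(db))
    print(find_member(db, "o'neil@example.com"))
    try:
        lookup_concatenated(db, "o'neil@example.com")
    except sqlite3.Error as exc:  # a legitimate apostrophe alters the SQL
        print("concatenated query broke:", exc)
```

The apostrophe in a legitimate address passes validation yet breaks the concatenated statement, which is why validation is paired with parameter binding. In ADO.NET the counterpart of the `?` placeholder is a named parameter added through `SqlCommand.Parameters`.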

Posted Date: 9/24/2012 3:22:41 AM | Location : United States






