Quality Testing

Quality is delighting customers

How to perform SQL Injection? I have no idea about this so please help me to perform this.

Thanks & Regards,
Nistha

Views: 296

Reply to This

Replies to This Discussion

Hello Nistha ,

SQL Injection Type

1] or 1=1--
2] ' or 1=1 or ''='
3] "or1=1--
4] ') or ('1'='1--
5] ') or '1'='1--
6] ' or 1=1/*
7] ' or 1=1#
8] ' or 1=1--
9] ' or 1=1 or ''='

How To perform SQL Injection Please check attach PDF File..
Attachments:
good material....do you have test scenario ?...if you have test scenario . please mail me to loga.inbox@yahoo.com

Let us understand a 1 practical examples of SQL injection.

If the application has a log in page, it is possible that the application uses a dynamic SQL such as statement below. This statement is expected to return at least a single row with the user details from the Users table as the result set when there is a row with the user name and password entered in the SQL statement.

SELECT * FROM Users WHERE User_Name = ‘” & strUserName & “‘ AND Password = ‘” & strPassword & “’;”

If the tester would enter sandip as the strUserName (in the textbox for user name) and cyber as strPassword (in the textbox for password), the above SQL statement would become:

SELECT * FROM Users WHERE User_Name = ‘sandip’ AND Password = ‘cyber’;

If the tester would enter John’– as strUserName and no strPassword, the SQL statement would become:

SELECT * FROM Users WHERE User_Name = ‘sandip’– AND Password = ‘cyber’;

Note that the part of the SQL statement after John is turned into a comment. If there were any user with the user name of sandip in the Users table, the application could allow the tester to log in as the user sandip. The tester could now view the private information of the user sandip.

What if the tester does not know the name of any existing user of the application? In such a case, the tester could try common user names like admin, administrator and sysadmin. If none of these users exist in the database, the tester could enter sandip’ or ‘x’=’x as strUserName and cyber’ or ‘x’=’x as strPassword. This would cause the SQL statement to become like the one below.

SELECT * FROM Users WHERE User_Name = ‘sandip’ or ‘x’='x’ AND Password = ‘cyber’ or ‘x’=’x’;

Since ‘x’=’x’ condition is always true, the result set would consist of all the rows in the Users table. The application could allow the tester to log in as the first user in the Users table.


If the tester would enter sandip’; DROP table users_details;’—as strUserName and anything as strPassword, the SQL statement would become like the one below.

SELECT * FROM Users WHERE User_Name = ‘sandip’; DROP table users_details;’ –‘ AND Password = ‘cyber’;

This statement could cause the table “users_details” to be permanently deleted from the database.
Hi Sandip

I have a clarification, Is it same as 'Acunetix Web Vulnerability Scanner' which i had used for Vulnerbility testing ? if any difference please let me know.

Thanks in Advance.

Regards
Venkatesh
Hi Venkatesh ,

Please login http://www.acunetix.com/ and download Acunetix Web Vulnerability Scanner trial version and check .

--Sandip Wagh
Hi Nistha,

Check the following link and attached docs :
http://unixwiz.net/techtips/sql-injection.html

Regards,

Sandeep
Attachments:
Hi,

You can get various combinations of SQL injections with applicable on various DBMS from http://ferruh.mavituna.com/sql-injection-cheatsheet-oku/

Thanks,
Ankit Mehta
Sr. QA Engineer
InfoStretch Solutions Pvt. Ltd.
@ Ankit: U r frm Infostretch???? U knw abt its sister concern company in navi mumbai..???
Yes! we have one offshore development center at Mumbai as well
its V2 Solutions.. Ryt!!.. m ex-employee of tht company.. n i had gud experience there.. :) thats y m interested in Infostretch also...
We have vacancies at Ahmedabad location.

Add me on gtalk: ankitmehta21
okiess.. I do.. :) thank u...

RSS

TTWT Magazine


Advertisement

Advertisement

Advertisement

Advertisement

© 2021   Created by Quality Testing.   Powered by

Badges  |  Report an Issue  |  Terms of Service