3.)⚠️Error-based SQL injection: This attack uses error messages generated by the database to gather info about the structure of the db, such as table & column names. after testing your site/app, turn off debug mode, & ⌦~Delete your custom debug statements~ after you are done with them!
#computersciencestudents #compsci #TipsAndTricks #LAMP #LEMP #Nginx #Linux #Server
2.) ✅❌Blind Boolean-based SQL injection: Attacker sends a series of ✅true or ❌false statements to extract data from the DB. Like a game of 20 questions, the attacker keeps sending queries that reveal new sensitive info depending on if a certain condition is true or false. Little by little, they get more and information about what is in the mysterious magic 🪄✨⬛️"Black Box" that is your SQL database.
#MariaDB #SQLLite #SQLserver #Oracle #query #Php #Python #webdevelopment #programming
👀 Get to know 'em before they get to know you...
3 SQL Injection types:
1.) ⋃🤝Union-based SQL-injection
2.)✅❌ Blind Boolean-based
3.)⚠️Error-based SQL injection:
1.) ⋃🤝Union-based:
I'm mostly pro-union but...🫢😨😰 not when it comes to relational databases. 😮💨 This attack uses UNION operator to combine results of multi SELECT statements, allowing attackers to extract data from multi tables or even other DBs.
#ComputerScience #SQL #WordPress #database #databreach #DataScience #opensource #MySQL