In this article we've seen what an SQL injection attack is and also how to tamper with forms and URL's to product the results of an attack.
It's not always possible to guard against every type of SQL injection attack, however hopefully after reading this article you now know about the various types of SQL injection attacks that exist and have also planned ways to combat them on your servers.
Although I've only looked at SQL injection attacks with Microsoft SQL server in this article, keep in mind that no database is safe: SQL injection attacks can also occur on MySQL and Oracle database servers amongst others.
| DISCLAIMER: The content provided in this article is not warranted or guaranteed by Developer Shed, Inc. The content provided is intended for entertainment and/or educational purposes in order to introduce to the reader key ideas, concepts, and/or product reviews. As such it is incumbent upon the reader to employ real-world tactics for security and implementation of best practices. We are not liable for any negative consequences that may result from implementing any information covered in our articles or tutorials. If this is a hardware review, it is not recommended to open and/or modify your hardware. |