SQL Injection Attack Tutorial (2019)

Veröffentlicht am: 22 Juni 2018
auf dem Kanal: HackHappy
404,626
7k

SQL Injection attacks are still as common today as they were ten years ago. Today I'll discuss what are SQLi and how you can exploit SQLi vulnerabilities found in software.

📌 Try out my Python Ethical Hacker Course: https://goo.gl/EhU58t

📌Get 25 Python Books for only $0.60 each:
https://goo.gl/78gZQ5
📌Limited Edition Hacker Gear: https://goo.gl/H3TJEC

In this SQL Injection tutorial I will cover the following topics:
- What is SQL
- What does SQL do
- How SQL is used
- SQL Injection attack example
- Enumerating database servers
- Dumping User Credentials

SQL Injections are easy to exploit as you need nothing more than a web browser to carry out a SQL attack. SQL injections usually take place during user input, like their username. Instead of a username the user enters a SQL statement that will unknowingly run on the database.

A prosperous SQL injection attack can read sensitive data from the database, modify database data (insert/update/efface), execute administration operations on the database (such as shutdown the DBMS), recuperate the content of a given file on the DBMS file system or write files into the file system, and, in some cases, issue commands to the operating system.

SQL Injection attacks can be divided into the following three classes:

- Inband: data is extracted using the same channel that is used to inject the SQL code. This is the most straightforward kind of attack, in which the retrieved data is presented directly in the application web page.

- Out-of-band: data is retrieved using a different channel.

-Inferential or Blind: there is no actual transfer of data, but the tester is able to reconstruct the information by sending particular requests and observing the resulting behavior of the DB Server.

**DISCLAIMER**
This video content has been made available for informational and educational purposes only. The content within this video is meant to educate viewers on cyber security topics, methodologies, and tactics to better protect against cyber security threats. Don't be evil.


Auf dieser Seite können Sie das Online-Video SQL Injection Attack Tutorial (2019) mit der Dauer stunde minuten sekunde in guter Qualität ansehen, das der Benutzer HackHappy 22 Juni 2018 hochgeladen hat, den Link mit Freunden und Bekannten teilen, dieses Video wurde auf Youtube bereits 404,626 Mal angesehen und es wurde von 7 tausend den Zuschauern gefallen. Viel Spaß beim Betrachtenden Zuschauern gefallen!