hailsa blog


What is an SQL injection?

Posted by hailsa on October 1, 2021

SQL injection is a vulnerability that allows an attacker to send, or "inject", SQL instructions in a malicious way.

Why does an SQL error occur?

An SQL error normally occurs because of poor filtering of the variables in a program that contains or builds SQL, generally when a user is asked for input of any type, such as their name and password, and that input is not validated. Instead of this information, the attacker sends an invasive SQL statement that will be executed against the database.
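The login case described above, as an added example that is not part of the original post: the same check written once by pasting input into the SQL text and once with placeholders. The table, account, function names and sample inputs are constructed for illustration, and passwords are stored in plain text only to keep the example short.

```python
import sqlite3

def make_db():
    """Build an in-memory database holding one constructed account."""
    db = sqlite3.connect(":memory:")
    # Plain-text password is a simplification; real systems store a hash.
    db.execute("CREATE TABLE users (name TEXT, password TEXT)")
    db.execute("INSERT INTO users VALUES ('alice', 's3cret')")
    return db

def login_vulnerable(db, name, password):
    # Unvalidated input is concatenated into the statement, so any quote
    # character in it is parsed as SQL syntax instead of as data.
    query = ("SELECT name FROM users WHERE name = '" + name +
             "' AND password = '" + password + "'")
    return db.execute(query).fetchone() is not None

def login_parameterized(db, name, password):
    # Placeholders send the input separately from the statement text,
    # so it is only ever compared as a value.
    query = "SELECT name FROM users WHERE name = ? AND password = ?"
    return db.execute(query, (name, password)).fetchone() is not None

def demo():
    db = make_db()
    crafted = "' OR '1'='1"   # constructed input that contains SQL syntax
    results = {
        "vulnerable, wrong password": login_vulnerable(db, "alice", "wrong"),
        "vulnerable, crafted input": login_vulnerable(db, "alice", crafted),
        "parameterized, crafted input": login_parameterized(db, "alice", crafted),
        "parameterized, real password": login_parameterized(db, "alice", "s3cret"),
    }
    # A harmless name with an apostrophe breaks the concatenated statement
    # and surfaces as an SQL error, the usual first sign of this flaw.
    try:
        login_vulnerable(db, "O'Brien", "x")
        results["vulnerable, apostrophe in name"] = "no error"
    except sqlite3.OperationalError as exc:
        results["vulnerable, apostrophe in name"] = f"SQL error: {exc}"
    return results

if __name__ == "__main__":
    for case, outcome in demo().items():
        print(f"{case}: {outcome}")
```

The concatenated version accepts the crafted input because the quote characters rewrite the WHERE clause, while the parameterized version treats the same string as an ordinary wrong password.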

SQL injection types

An SQL injection can be exploited in two different ways. The first is manual: the attacker injects the script by hand in order to trigger the action within the database. The second is automated injection with sqlmap, a tool specially designed for this type of attack. It analyzes the page, checks whether it is vulnerable, and attacks it. It is called automated because the tool does everything by itself; the user only needs to enter the options they want to use to make the scan more effective.