SQL Injection can be applied in an array of ways to create serious problems. By levering SQL Injection, an attacker could neglect authentication, access, change, and delete data inside a database. In some cases, SQL Injection can also be use to implement commands on the operating system. Possibly providing an attacker to increase to more damaging attacks inside of a network that sits back a firewall. Here we will know about Famous SQL Injection Attacks in Cyber World.
SQL injections typically come following these three categories:
- In-band SQLi (Classic),
- Inferential SQLi (Blind), and
- Out-of-band SQLi
You can assign SQL injections types based on the methods they use to enter the backend data and their damage potential.
In-band SQL injection
The attacker implements the same channel of information to launch their attacks and to find their results. In-band SQLi’s simplicity and effectiveness make it one of the most popular types of SQLi attacks. There are two more methods which are sub-variations of this method:
- Error-based SQLi—the attacker executes actions that make the database to display error messages. The attacker can probably use the data provided. By these error messages to collect data about the structure of the database.
- Union-based SQLi—this technique takes benefit of the UNION SQL operator, which combines multiple select statements produced by the database. To make a single HTTP response. This response may include data that can be leveraged by the attacker.
Inferential (Blind) SQL
The attacker sends data payloads to the system server and observes the reply and behavior of the server to get more about database formation. This method is call blind SQLi because the data is not given from the website database to the attacker, therefore the attacker cannot see the server data or information about the attack in-band.
Blind SQL injections rely on the reply and behavioral patterns of the server so they are typically heavier to perform but maybe just as dangerous. Blind SQL injections can be categorize as follows:
- Boolean—that attacker sends a SQL query to the database implying the application to deliver a result. The result will diverge depending on whether the query is true or false. Based on the result, the information within the HTTP reply will change or stay unchanged. The attacker can then work out if the message generated a true or false result.
- The time-based—attacker sends a SQL query to the database, which causes the database delay (for a period in seconds) before it can respond. The attacker can see from the time the database needs to react, whether a question is true or false. Based on the outcome, an HTTP response will be create directly or after a waiting time. The attacker can, therefore, work out if the message they applied returned true or false, without relying on data from the database.
Out-of-band SQL injection
The attacker can only carry out this form of attack. When specific features are approve on the database server manage by the web-based application. This form of attack is essentially use as an option to the in-band and probable SQLi techniques.
Out-of-band SQLi is execute when the attacker can’t use a similar channel to start the attack. And collect information, or when a server is extremely slow or unstable for these activities to be performe. These methods count on the capacity of the server to perform DNS. Or HTTP requests to shift data to an attacker.
These all are Famous SQL Injection Attacks in Cyber World
If you don’t know what is SQL Injection attack, read this article: What is SQL Injection Attacks and how it works.