Lesson Plan Title: How to Perform Numeric SQL Injection

 

Concept / Topic To Teach:

SQL injection attacks represent a serious threat to any database-driven site. The methods behind an attack are easy to learn and the damage caused can range from considerable to complete system compromise. Despite these risks, an incredible number of systems on the internet are susceptible to this form of attack. Not only is it a threat easily instigated, it is also a threat that, with a little common sense and forethought, can easily be prevented. It is always good practice to sanitize all input data, especially data that will be used in OS commands, scripts, and database queries, even if the threat of SQL injection has been prevented in some other manner.

 

General Goal(s):

The form below allows a user to view weather data. Try to inject an SQL string that results in all the weather data being displayed.

 

Solution:

 

 

The application is taking your input and inserting it at the end of a pre-formed SQL command.

Compound SQL statements can be made by joining multiple tests with keywords like AND and OR. Try appending a SQL statement that always resolves to true.

 

This is the query: SELECT * FROM user_data WHERE userid = 101

 

What happens if you insert 101 or 1=1?
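
The behaviour described above, as an added example that is not part of the original lesson or the application's own code: the same lookup built by string concatenation, by parameter binding, and with numeric validation in front of the binding. The first_name column, the sample rows and the function names are assumptions made for the demonstration; only the table name, the userid column and the two input values come from this page.

```python
import re
import sqlite3

def make_db():
    # Constructed sample data; only the table and userid column names come from the page.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE user_data (userid INTEGER, first_name TEXT)")
    db.executemany("INSERT INTO user_data VALUES (?, ?)",
                   [(101, "Joe"), (102, "John"), (103, "Jane")])
    return db

def lookup_concatenated(db, userid):
    # Vulnerable pattern from the lesson: input is appended to the SQL text,
    # so anything after the number is parsed as part of the WHERE clause.
    return db.execute("SELECT * FROM user_data WHERE userid = " + userid).fetchall()

def lookup_parameterized(db, userid):
    # Input is bound as a single value and is never parsed as SQL.
    return db.execute("SELECT * FROM user_data WHERE userid = ?", (userid,)).fetchall()

def lookup_validated(db, userid):
    # Input validation on top of binding: a numeric field must be digits only.
    if not re.fullmatch(r"[0-9]+", userid):
        raise ValueError("userid must be numeric")
    return lookup_parameterized(db, int(userid))

if __name__ == "__main__":
    db = make_db()
    for value in ("101", "101 or 1=1"):
        print(repr(value))
        print("  concatenated: ", lookup_concatenated(db, value))
        print("  parameterized:", lookup_parameterized(db, value))
        try:
            print("  validated:    ", lookup_validated(db, value))
        except ValueError as exc:
            print("  validated:     rejected,", exc)
```

With concatenation the second input returns every row, because the WHERE clause becomes userid = 101 or 1=1; with binding the same input is compared as one value and matches nothing.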

 

Figure 1 Numeric SQL Injection

 

Figure 2 Lesson 17 Completed

 

Solution by Erwin Geirnaert ZION SECURITY