Hacking Tutorials SQL Injection

Types and Classes of SQL Injection

Hi there! Today I am going to tell you about the classes and types of the SQL injection. So without wasting time, lets go!

Classes of SQL injection

We all know that SQL injection is all about injecting malicious SQL queries and extracting data from the database. So on the basis of how information is retrieved from the target, SQL injection can be broken into 3 classes.

In-band SQL injection

When data can be extracted through the same channel by which the malicious queries are being injected, it is called in-band SQL injection.

For example, if the attacker is injecting the queries through the webpage and he can read the results from the same webpage, it is in-band SQL injection.

Out of Band

When the data is retrieved through a different channel, it is called out of band SQL injection.

For example, if the attacker injects malicious queries through the webpage and the web application sends the result in an email, it would be a case of out of band SQL injection.

Inferential

In inferential SQL injection, no actual data gets extracted but the attacker has to reconstruct the information by sending well crafted requests and analyzing the behavior of the web application.

Types of SQL Injection

On the basis of injection method, SQL injection is of 3 types:

Error Based SQL Injection

In the error based SQL injection, the attacker submits a malformed query to the web application which throws an error. The attacker can extract data from these errors. This is the easiest method of SQL injection.

Union Based SQL Injection

In the union based SQL injection, the attacker combines his own SQL query and the existing query using the UNION statement to extract the data from the database. Its useful for dumping hug amounts of data.

Blind Based SQL Injection

In the blind based SQL injection, the attacker has to send a query and then analyze the response of the web application.

For example, the attacker can submit a query which delays the web page loading by 10 seconds if the number of tables in the database is 1. If the page the page is displayed normally that means the number of tables is not 1 and hence the attacker can keep increasing the value to find out the exact number of tables in the database.

That’s it for now. Keep learning! Keep injecting!

Also Read: How to hack any website? : Bug Bounty Tips & Methodologies

About the author

D3V

I am Somdev Sangwan also known as D3V. I am n00b and I love computers and hacking. I am a python freak and your friendly neighborhood hacker.

1 Comment

Click here to post a comment

Subscribe Now

Subscribe for free and get latest articles delivered right into your inbox.

Thank you for subscribing.

Something went wrong.

Categories