Cyber Noobie

SQL INJECTION: SQL injection can be classified into three major categories   –In-band SQLi,    –Inferential SQLi,    –Out-of-band SQLi.  In-Band SQLi (Classic SQLi): ---------------------------- In-band SQL injection is the most common and easy-to-exploit of the SQL injection attacks. In-band SQL injection occurs when an attacker is able to use the same communication channel to both launch the attack and gather results. Types: ------ –Error-based SQLi. –Union-based SQLi. Error-Based SQLi: ---------------- Error-based SQLi is an in-band SQL injection technique that relies on error messages thrown by the database server to obtain information about the structure of the database. In some cases, error-based SQL injection alone is enough for an attacker to enumerate an entire database. While errors are very useful during the development phase of a web application, they should be disabled on a live site or logged...

SQL injection Manual method & automation method of Exploitation: SQL-Injection:               Finding the injection point.               Finding the query vulnerability.{ ', " , \ , ') , ") }               Fixing & balancing the query.               Exploiting the database.                           Injection point :                                      GET                                      ...