What is SQL injection?
sql injection SQL Injection คือ รูปแบบการโจมตี Web Application ที่ส่ง Query เข้าไปใน input ของ Web Application ซึ่ง ณ ปัจจุบันเป็นปัญหาที่พบได้เยอะและบ่อยที่สุด Error Based SQL Injection – this method can only be run against MS-SQL Servers In this attack, the malicious user causes an application to show an error
How to Prevent SQL injection? · Password hashing · Third-party authentication · Web application firewall · Purchase better software · Always SQL injections are possible whenever user input or other data reaches the SQL interpreter Attackers employ special characters to try to inject their own
Time-based SQL Injection is an inferential SQL Injection technique that relies on sending an SQL query to the database which forces the database to wait for a SQL injection is a technique used to extract user data by injecting web page inputs as statements through SQL commands