Introduction to SQL Injection

Stefan Friese

11 April, 2024

Topics

  • How an SQL Injection is Created
  • How to Exploit an SQL Injection
  • SPOILER: How to Prevent an SQL Injection in the Next Presentation

How Does it Happen

An SQL injection occurs when two things come together.

Number 1

An SQL query is embedded as a string in another language

# The whole query, values included, is a fixed string literal
sql_query = cursor.execute(
    "SELECT * FROM user_data where username = 'admin' and password = 's3cur3P4ssw0rd'"
)

Number 2

User input becomes part of that SQL query

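# username and password come from the user and are formatted
# straight into the query string before it is executed
sql_query = cursor.execute(
    "SELECT * FROM user_data where username = '%s' and password = '%s'"
    % (username, password)
)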

How to Exploit an SQL Injection

  • Close the string through an ending quote
  • Continue the query with your own SQL code
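
The two steps above, traced on the login query from the earlier slide as an added example (not part of the original presentation). It assumes an in-memory SQLite table; the function names and the crafted input are constructed for illustration, and the bound-parameter variant is included only as a contrast.

```python
import sqlite3

# Constructed sample input: the leading quote closes the password string,
# the rest continues the WHERE clause with a condition that is always true.
CRAFTED_PASSWORD = "' OR '1'='1"


def make_db():
    """In-memory table with the single account from the slides (assumed schema)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE user_data (username TEXT, password TEXT)")
    conn.execute("INSERT INTO user_data VALUES ('admin', 's3cur3P4ssw0rd')")
    return conn


def build_query(username, password):
    """Build the query by string formatting, as on the slide."""
    return (
        "SELECT * FROM user_data where username = '%s' and password = '%s'"
        % (username, password)
    )


def login_formatted(conn, username, password):
    """Vulnerable: the input is parsed as part of the SQL text."""
    return conn.execute(build_query(username, password)).fetchall()


def login_bound(conn, username, password):
    """Contrast: placeholders keep the input as data, never as SQL."""
    sql = "SELECT * FROM user_data where username = ? and password = ?"
    return conn.execute(sql, (username, password)).fetchall()


if __name__ == "__main__":
    db = make_db()
    print(build_query("admin", CRAFTED_PASSWORD))
    print("formatted, wrong password:  ", login_formatted(db, "admin", "wrong"))
    print("formatted, crafted password:", login_formatted(db, "admin", CRAFTED_PASSWORD))
    print("bound, crafted password:    ", login_bound(db, "admin", CRAFTED_PASSWORD))
```

Because AND binds tighter than OR, the formatted query returns the admin row without the real password, while the bound query compares the whole crafted string against the stored password and returns nothing.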

The End

Convoluted Code