SQL Injection Basic to Expert
by Nerius - Wednesday January 7, 2026 at 10:20 AM
What is SQL Injection?

Imagine a website has a login form or a search box that talks to a database in the background. The site takes what you type and plugs it straight into a database command without checking it properly.
A hacker can type special code into that box, tricking the database into doing something unexpected—like showing private data, letting them log in without a password, or even deleting stuff.
It's like telling a robot, "Give me the info for user Bob," but sneaking in extra instructions like "...and also show me everyone's passwords."
This happens because the website doesn't clean or separate user input from the actual command.

A Basic Example
Suppose a website checks login like this behind the scenes:
"SELECT * FROM users WHERE username = 'what you typed' AND password = 'what you typed'"
If you type a normal username like "john" and password "secret", it works fine.

But if a hacker types this in the username field:
john' OR '1'='1

The command becomes:
SELECT * FROM users WHERE username = 'john' OR '1'='1' AND password = '...'

Since '1'='1' is always true, it logs in as the first user (often admin) without needing the right password.
That's a classic way to bypass login.
Another simple one: typing a single quote ' into a field. If the site shows an error about "SQL syntax," it means it's vulnerable.
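
The login example above, worked through in Python against a constructed in-memory SQLite database (added here; this is not code from the original post). The vulnerable function builds the query by concatenation exactly as described, the safe one binds the same input as parameters, and a third helper mirrors the single-quote syntax-error check. The table layout, the sample users and the function names are assumptions for the demo.

```python
import sqlite3

# Constructed sample database for the demo (not from the original post).
def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password TEXT)")
    conn.executemany("INSERT INTO users (username, password) VALUES (?, ?)",
                     [("admin", "s3cret"), ("john", "secret")])
    conn.commit()
    return conn

def login_vulnerable(conn, username, password):
    """Query built by string concatenation, the pattern the post describes.
    Returns the matched username or None; a lone quote breaks the SQL syntax."""
    sql = ("SELECT username FROM users WHERE username = '" + username +
           "' AND password = '" + password + "'")
    row = conn.execute(sql).fetchone()
    return row[0] if row else None

def login_safe(conn, username, password):
    """Same query with bound parameters: the input is data, never SQL text,
    so john' OR '1'='1 is compared literally against the username column."""
    sql = "SELECT username FROM users WHERE username = ? AND password = ?"
    row = conn.execute(sql, (username, password)).fetchone()
    return row[0] if row else None

def probe_for_syntax_error(conn, login_fn, username):
    """The single-quote check from the post: True if the query breaks on a
    lone quote, which is the sign that input is being spliced into the SQL."""
    try:
        login_fn(conn, username, "x")
        return False
    except sqlite3.OperationalError:
        return True

if __name__ == "__main__":
    db = make_db()
    # Operator precedence: AND binds before OR, so the injected clause becomes
    # username = 'john' OR ('1'='1' AND password = 'wrong') and john's row matches.
    print(login_vulnerable(db, "john' OR '1'='1", "wrong"))   # john
    print(login_safe(db, "john' OR '1'='1", "wrong"))         # None
    print(probe_for_syntax_error(db, login_vulnerable, "'"))  # True
    print(probe_for_syntax_error(db, login_safe, "'"))        # False
```

The fix is the parameterized query, not input "cleaning": with bound parameters the database never parses user input as part of the command.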

Common Tools Used for Testing
Security testers use these to automate finding and checking vulnerabilities:
  • sqlmap — Free and powerful open-source tool. It automatically detects and exploits SQLi. You point it at a URL or request, and it does the heavy lifting (like dumping databases). Great for beginners learning on test apps.
  • Burp Suite — A pro tool for intercepting web traffic. You capture requests, send them to sqlmap, or test manually. The free version is good to start with.
  • OWASP ZAP — Free alternative to Burp, scans for vulnerabilities including SQLi.
I Love u, See u next time