Overview
Direct Answer
SQL injection is a code injection vulnerability that allows attackers to insert malicious SQL statements into input fields of database-driven applications, bypassing authentication or extracting unauthorised data. This occurs when user-supplied input is concatenated directly into SQL queries without proper sanitisation or parameterised preparation.
How It Works
Attackers craft specially formatted input strings containing SQL syntax that, when concatenated into a query, alter the intended logic. For example, entering ' OR '1'='1 in a username field changes the WHERE clause so that it always evaluates as true, circumventing the login check. The vulnerability exists because the application fails to distinguish between data and executable SQL commands.
Why It Matters
Organisations face significant financial and reputational damage from unauthorised database access, data breaches, and regulatory fines under standards such as GDPR and PCI DSS. Attackers exploit this technique to steal customer records, manipulate transactions, or disable critical systems with minimal technical effort.
Common Applications
This vulnerability affects web applications with login forms, search functionality, and content management systems. Financial services, healthcare platforms, and e-commerce systems remain frequent targets due to the sensitivity of stored information.
Key Considerations
Parameterised queries and prepared statements provide robust mitigation, though defence-in-depth strategies including input validation and least-privilege database accounts remain essential. Legacy applications and rapid development practices increase exposure risk.
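The following Python script is an added example, not part of the original glossary entry, that puts the two preceding sections side by side: a login check built by string concatenation (the flawed form described under "How It Works") next to the same check using bound parameters (the mitigation described above). It runs against an in-memory SQLite database with one constructed account; the table name, column names and credentials are assumptions made for the demonstration.

```python
import sqlite3


def build_db():
    """Create a constructed in-memory users table with one legitimate account."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT)")
    conn.execute("INSERT INTO users VALUES ('alice', 'correct-horse')")
    conn.commit()
    return conn


def vulnerable_query(username, password):
    """Build the query by concatenation, so input is parsed as part of the SQL.

    Returned only so a reviewer can see what the database would actually run.
    """
    return (
        "SELECT COUNT(*) FROM users WHERE username = '" + username
        + "' AND password = '" + password + "'"
    )


def login_vulnerable(conn, username, password):
    """Authenticate using the concatenated query (the flawed pattern)."""
    count = conn.execute(vulnerable_query(username, password)).fetchone()[0]
    return count > 0


def login_parameterised(conn, username, password):
    """Authenticate with a prepared statement: '?' placeholders are bound by
    the driver, so the input is always treated as data, never as SQL syntax."""
    query = "SELECT COUNT(*) FROM users WHERE username = ? AND password = ?"
    count = conn.execute(query, (username, password)).fetchone()[0]
    return count > 0


if __name__ == "__main__":
    conn = build_db()
    payload = "' OR '1'='1"  # the tautology payload from the text above
    print("Concatenated SQL:", vulnerable_query(payload, payload))
    print("vulnerable login with payload:", login_vulnerable(conn, payload, payload))
    print("parameterised login with payload:", login_parameterised(conn, payload, payload))
    print("parameterised login, valid credentials:",
          login_parameterised(conn, "alice", "correct-horse"))
```

Running the script prints the concatenated statement so you can see the WHERE clause rewritten to ... OR '1'='1', then shows the vulnerable check accepting the payload while the parameterised check rejects it and still accepts the genuine credentials. The parameterised version is the pattern to keep; the concatenating one exists only to make the difference visible in a code review.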