SQL Video

Submit Video
Home » Videos » SQL

Database Hacking: Direct Database Access SQL Injection Attack

  Shared By: ImpervaChannel      Date: Aug 13      Category: SQL     
SQL injection is usually a technique used to take advantage of non-validated input vulnerabilities to pass SQL commands through a Web application for execution by a backend database. Attackers take advantage of the fact that programmers often chain together SQL commands with user-provided parameters, and can therefore embed SQL commands inside these parameters. The result is that the attacker can execute arbitrary SQL queries and/or commands on the backend database server through the Web application. In this example, the database is attacked directly by a non-privileged user through direct interaction with the database - not through a Web application.


Related Videos