
SQL Injection and its Protection Techniques in PHP

In this article you will learn what SQL injection is, the techniques attackers use, its types, how to protect a PHP application from it, database security tools, the consequences of SQL injection and real-life examples of SQL injection attacks. We start by explaining what SQL injection is and then proceed from there.


SQL injection is the technique of injecting malicious code, or simply data, in the form of SQL statements into a Relational Database Management System in order to make the database perform an unauthorized action. Attackers most often use this technique to retrieve sensitive information such as usernames and passwords from a vulnerable organizational database.

Many web applications have poorly secured databases, which allows an attacker to access the information and manipulate the database with ease. They can add malicious data, delete existing data or even become the administrator of the database server. For a deeper understanding of PHP concepts, you may also join our advanced PHP training in India at one of our centres near your location.

In the past, when there were no automated programs for SQL injection, a hacker had to type the code manually to gain access to the database. Now, the availability of automated SQL injection tools has made the databases of many web applications far more exposed to malicious code injection.

TECHNIQUES OF SQL INJECTION (SQLI)

  1. An attacker can retrieve the username and password from a database by typing 1=1 into the username input box as shown below.
    Username : adam@gmail.com or 1=1

    The result of the above input will be :
    SELECT * FROM Users WHERE Username = adam@gmail.com or 1=1 ;

  2. An attacker can also use the following input to retrieve the username and password from a database.
    Username : " or ""="
    Password : " or ""="

    The result of the above input will be :
    SELECT * FROM Users WHERE Username = "" or ""="" AND Password = "" or ""=""

TYPES OF SQL INJECTION (SQLI)

There are basically four types of SQL injection, briefly described below.

  1. Classic SQLi : In this type of SQL injection, the attacker attacks the database and retrieves sensitive information over the same channel used to send the attack. It is one of the most common types of SQL injection, and it lets the attacker easily read or manipulate the content of the database. It is also known as In-band SQL injection and is further classified into two groups.
    (a) Error-based SQLi : This In-band technique relies on the error messages produced by the database of the system, typically exposed during the development of a web-based application.
    (b) Union-based SQLi : This In-band technique uses the SQL UNION operator to combine the results of two or more SELECT statements into a single result.
  2. Blind or Inference SQLi : In this technique, the data transferred through the web application during the attack is not directly visible to the attacker, which is why it is termed Blind SQLi. Nevertheless, an attacker can still tamper with the structure of the whole database, and it is regarded as the most hazardous SQL injection technique for retrieving sensitive information. Boolean-based (Content-based) Blind SQLi and Time-based Blind SQLi are its two subdivisions.
  3. Database Management System-specific SQLi : This technique enables an attacker to execute SQL statements such as CREATE and UPDATE. It can also allow an attacker or unauthorized user to become the administrator of the SQL database server.
  4. Compounded SQLi : This technique combines SQL injection with other attacks such as XSS (Cross-Site Scripting), DNS (Domain Name System) hijacking and DDoS (distributed denial-of-service). All of these are malicious activities that leave web applications vulnerable.

PROTECTION FROM SQL INJECTION USING PHP

  1. Use of Command Parameters : SQL injection can be prevented by using command parameters (placeholders such as @name or :name) in a parameterized statement, so that user-supplied values are bound separately and never become part of the SQL text. An example of a parameterized statement is shown below; the values (e.g. adam and 1234) are supplied through the parameters rather than written into the query.
    SELECT * FROM Users WHERE Username = @username AND Password = @password ;
  2. Pattern Checking : This is another technique to prevent SQL injection. In this method, the value of each parameter, whether string, float or integer, is checked to have a valid representation before it is used.
  3. Character Escaping (Parameter Escaping) : This is one of the most widely used SQL injection prevention techniques for protecting the database from illegitimate users. In PHP, character or parameter escaping is done with the function mysqli_real_escape_string(). Other functions used for the same purpose are addslashes(string $str) and pg_escape_string().
  4. Database Security Check : SQL injection can also be prevented by enforcing suitable security checks or permissions before a user logs into the database of the system.
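As an added example (not code from the original article): the Users lookup written three ways in PHP with PDO, showing the vulnerable string-concatenated query beside pattern checking and a parameterized (prepared) statement. The connection details, the $pdo variable and the PasswordHash column are assumptions. Escaping functions such as mysqli_real_escape_string() only help when applied to every value in every query, which is why prepared statements are the preferred defence.

```php
<?php
// Added example, not code from the original article. Assumes a PDO
// connection to a MySQL database whose Users table has the columns
// Username and PasswordHash (the article's table has Username/Password).

// 1. VULNERABLE: the value is concatenated into the SQL text, so an input
//    like " or ""=" (the article's second example) rewrites the WHERE clause.
function findUserVulnerable(PDO $pdo, string $username): ?array
{
    $sql = 'SELECT * FROM Users WHERE Username = "' . $username . '"';
    $row = $pdo->query($sql)->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// 2. PATTERN CHECKING: reject anything that is not a plausible e-mail address
//    before it reaches the database (defence in depth, not a replacement for 3).
function isValidUsername(string $username): bool
{
    return strlen($username) <= 254
        && filter_var($username, FILTER_VALIDATE_EMAIL) !== false;
}

// 3. PARAMETERIZED QUERY: the SQL text is fixed and the value is bound to the
//    :username placeholder, so it can never alter the query structure. The
//    password is checked in PHP against a stored password_hash() value instead
//    of being compared inside the SQL statement.
function authenticate(PDO $pdo, string $username, string $password): bool
{
    if (!isValidUsername($username)) {
        return false;
    }
    $stmt = $pdo->prepare('SELECT PasswordHash FROM Users WHERE Username = :username');
    $stmt->execute([':username' => $username]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    if ($row === false) {
        return false;
    }
    return password_verify($password, $row['PasswordHash']);
}

// Usage (connection details are placeholders). Emulated prepares are turned
// off so that MySQL itself binds the parameters server-side.
$pdo = new PDO('mysql:host=localhost;dbname=app;charset=utf8mb4', 'appuser', 'secret', [
    PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
    PDO::ATTR_EMULATE_PREPARES => false,
]);
$ok = authenticate($pdo, $_POST['username'] ?? '', $_POST['password'] ?? '');
echo $ok ? "login ok\n" : "login failed\n";
```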

SQL DATABASE SECURITY TOOLS/PRODUCTS ON MARKET

We have listed below some of the best database security products available on the market to protect the databases of web-based applications from illicit users or hackers.

  1. Fortinet FortiDB-500D, 1000D, 3000D
  2. HP Security Voltage
  3. Imperva SecureSphere
  4. Oracle Database Enterprise Edition
  5. McAfee Products like Database Activity Monitoring, Vulnerability Manager for Database
  6. Trustwave DbProtect
  7. IBM Guardium

CONSEQUENCES OF SQL INJECTION

⏩ An attacker can bypass user authentication using SQL injection and tamper with the personal information of a legitimate user.

⏩ An attacker can delete important information or contents from the database using SQL injection.

⏩ SQL injection may result in data manipulation by an unauthorized or illicit user.

⏩ It enables an attacker to access sensitive information stored in the database such as usernames, passwords and other secrets.

⏩ Hackers from around the world can rescind online cash transactions (fees, salaries) with the help of SQL injection.

⏩ SQL injection may even help hackers take control of the SQL database server.

REAL-LIFE EXAMPLES OF SQL INJECTION

⏩ The California-based company Barracuda Networks, Inc. was hacked on 11 April 2011. Hackers used the SQL injection technique to retrieve information from its database such as the email addresses and usernames of several employees.

⏩ The personal information of around 1.5 lakh customers of the London-based telecommunications company TalkTalk Group was stolen by hackers using a SQL injection attack.

⏩ The attacker group @deletesec hacked the details of 40k accounts of the AVS (Asian Variety Show) TV Network on 2 Feb 2014.

⏩ The hacker group RaptorSwag attacked the government databases of the Chinese Chamber of International Commerce on 4 Nov 2013.

⏩ Even the official homepage of mysql.com was attacked by hackers using Blind SQLi on 27 March 2011.

In this article, we have tried to give you the best possible overview of SQL injection along with its protection techniques and examples. For further updates regarding PHP, stay tuned to our blog.
