SQL Injection

What is SQL Injection?

String Literals

Common SQL Characters for Probing Injection Vulnerabilities

Characters Description

-- (--%20)



( or )  

Single quote. Used to delineate a query with an unmatched quote.

Single line comment. Ignores the remainder of the statement.

Terminate a query. A prematurely terminated query creates an error.

Comment delimiter. Text within comment delimiters is ignored.

Parentheses. Used to group a logical subclause. Unmatched parentheses will create an error.

Any alphabet character will generate an error is used in a numeric comparison.

Types of SQL Injection Attacks


Many applications that implement a forms-based login function use a database to store user credentials and perform a simple SQL query to validate each login attempt. For example, the Grade Central site authenticates student's username and password. If the login succeeds, grades will be displayed; if not, the message "Login failed: Invalid credentials" will be returned.