MySQL - SPLessons

MySQL Injection

Chapter 24


Description

MySQL is a relational database management system written in C and scaled to fit embedded platforms such as Android and GPS. Performing its operations does not require any special servers; the complete setup is provided by default in the MySQL setup.

Injection usually occurs when an application asks a client for input, such as their name, and instead of a name receives a MySQL statement that then runs against the database. Client-provided details should be validated first by matching them against a pattern before they are used in a query.


Syntax


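if (preg_match("/^\w{8,20}$/", $_GET['username'], $matches)) {
    // MySQLDatabase is the database wrapper class used on this page
    $db = new MySQLDatabase('filename');
    // The pattern admits only word characters, so the quoted value cannot end the string
    $result = @$db->query("SELECT * FROM users WHERE username='$matches[0]'");
} else {
    echo "username not accepted";
}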

In the syntax above, the username is limited to alphanumeric characters and underscores, with a length of 8 to 20 characters.

Examples

To understand this kind of situation, consider the following example.

// User-supplied value that closes the string literal and appends a second statement
$name = "Qadir';
DELETE FROM users;";
@$db->query("SELECT * FROM users WHERE username='{$name}'");

In the example above, the function call is meant to fetch a result set from the users table where the username column matches the name supplied by the user. Normally $name would contain only alphanumeric characters and perhaps spaces. Here it does not, and the injected query deletes all the records from the users table.

MySQL injection prevention

Description

In scripting languages like PHP and Perl, the escape characters used in MySQL injection can be handled smartly. PHP provides the string function mysql_escape_string() to escape input characters that are special to MySQL.

Syntax

// If magic quotes already added slashes, remove them so the value is not escaped twice
if (get_magic_quotes_gpc()) {
    $name = stripslashes($name);
}
// Always escape the value before placing it inside the quoted string
$name = mysql_escape_string($name);
$result = @$db->query("SELECT * FROM users WHERE username='{$name}'");

When embedding data in a query, the syntax above is very helpful for encoding values used in LIKE clauses and plain text comparisons, including values that usually contain binary-coded data.
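Current PHP no longer ships mysql_escape_string() (removed in 7.0) or get_magic_quotes_gpc() (removed in 8.0), so the usual fix for the DELETE example above is a prepared statement. The following is an added example, not code from the original page; it assumes PDO with an in-memory SQLite database as a stand-in for MySQL so that it runs without a server, and the users table and its rows are constructed. The function names are hypothetical.

```php
<?php
// Added example, not from the original page. Assumption: PDO with an in-memory
// SQLite database stands in for the MySQL server so the script runs offline.

function make_db(): PDO {
    $pdo = new PDO('sqlite::memory:');
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $pdo->exec("CREATE TABLE users (username TEXT)");
    // Constructed sample rows.
    $pdo->exec("INSERT INTO users VALUES ('Qadir'), ('alice_2024')");
    return $pdo;
}

function count_users(PDO $pdo): int {
    return (int) $pdo->query("SELECT COUNT(*) FROM users")->fetchColumn();
}

// Vulnerable: the value becomes part of the SQL text, as in the page's example.
// exec() hands the whole string to the engine, which runs each statement in it.
function lookup_concatenated(PDO $pdo, string $name): void {
    try {
        $pdo->exec("SELECT * FROM users WHERE username='{$name}'");
    } catch (PDOException $e) {
        // The leftover quote is a syntax error, raised after earlier statements ran.
    }
}

// Hardened: the SQL text is fixed and the value is bound as data.
function lookup_prepared(PDO $pdo, string $name): array {
    $stmt = $pdo->prepare("SELECT username FROM users WHERE username = ?");
    $stmt->execute([$name]);
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

$name = "Qadir';\nDELETE FROM users;";   // the input from the page's example

$db = make_db();
lookup_concatenated($db, $name);
echo "rows left after concatenated query: ", count_users($db), "\n";

$db = make_db();
$rows = lookup_prepared($db, $name);
echo "rows matched by prepared statement: ", count($rows), "\n";
echo "rows left after prepared statement: ", count_users($db), "\n";

// A legitimate name still works through the same prepared statement.
echo "lookup of Qadir: ", implode(",", lookup_prepared($db, "Qadir")), "\n";
```

The prepare() and execute() calls are the same when the PDO object is opened with a mysql: DSN instead of the SQLite one.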

Summary

Key Points

  • MySQL – A relational database management system written in the C language.