SQL Injection

The Structured Query Language Injection (short: SQL) is a technique used to insert malicious codes (so-called “statements”) into SQL driven databases and applications. To accomplish this, the attacker trades on security gaps within the programming code of a website or other services in order to infiltrate the underlying data base and to embed the SQL statements. This enables the hacker to spy out or alter data – maybe even to seize control of a whole server. The aim of such an attack usually is to collect user login data, which in turn permits him to gain unauthorised access to someone else’s account. The SQL technique and its potential has recently been addressed by best-selling author J.K. Rowling in her novel The Casual Vacany.

The Structured Query Language Injection (short: SQL) is a technique used to insert malicious codes (so-called “statements”) into SQL driven databases and applications. To accomplish this, the attacker trades on security gaps within the programming code of a website or other services in order to infiltrate the underlying data base and to embed the SQL statements. This enables the hacker to spy out or alter data – maybe even to seize control of a whole server. The aim of such an attack usually is to collect user login data, which in turn permits him to gain unauthorised access to someone else’s account. The SQL technique and its potential has recently been addressed by best-selling author J.K. Rowling in her novel The Casual Vacany.