How To Check SQL Injection

20/07/2011 23:03

SQLI attack is the most popular Web site in any of these days.There was a huge increase in SQL programmers and web pages, and the biggest problem with SQL is "Perhaps your perfect / pirates." Due to poor coding programmers often leave vulnerabilities in place and the pirates of his duty to report and can see patches up.So

how to check if the site is vulnerable if SQLI

There is not much to do. All you have is:

1.get a site that uses SQL queries.For your conviction, an easier way, is a page that has "www.site.com/something.php?ex=43" You must have seen tons of these sites . Note.: Not all sites that have "=" use SQL Quero could also use "PHP Get / Post method."

2.Once, you like the site then just intersert quotes (") as these" www.site.com/something.php?ex=43 ".

3.Se the site is vulnerable to SQL, then returns an error this.You something might get this error message "You have error in SQL syntax; Consult the manual that corresponds to the MySQL server version for the correct syntax to use near of '\' E''single_group = "S"' at line 1"

This error should not be the same always, always, when an error occurs that can be said that the site is vulnerable to SQLI and its up to you to become a sound and to report to the webmaster.