- SQL injection:
SQL injection usually occurs because of lack telitian programmers to create scripts that will be the SQL query.
hacker can do assault by entering the command in double quotes ('), a minus sign (-), (|) ,(=) and many other code.
and usually an error occurs. and the error manifold.
one example :
Error : You have an error in your SQL syntax. Check the manual that corresponds to your MySQL server version for the right syntax to use near '\'' at line 1
- Blind SQL Injection
Blind SQL is the name of the technique of attack. This technique is done by inserting SQL syntax or command in a web that has vulnerabilities (security holes) to browse the database, but can access the server directly using shell or by posting on the website backdor.
source: http://farizy4n.blogspot.com/2010/12/sql-blind-sql-injection.html
Tidak ada komentar:
Posting Komentar