Posts tagged with: blind sql injection

Introduction to “SQL Injection” and “Blind SQL Injection”

MySQL is one of the most famous database server used by many people in the world. However, many administrator don’t set the MySQL correctly and that will make the database can be Injected by a hacker.

SQL Injection is a hacking technique that utilize the low security settings or poorly designed database on a server. SQL Injection usually done by inserting a series of code to the url or a form of a website. The vulnerability appear when the user input is not filtered correctly, so when the user insert a SQL character into a form, that code will be executed by the database server. To know where is a site is injectable or not, simply put ‘ character after the url of the site. If an error appear like “You have an error in your SQL syntax, bla bla bla…” then the site is 99% injectable. Continue Reading