handbook/tools/3.Web-Hacking/4.Injection/SQL/Notes/Top-10-SQL-Injection.md


2024-08-30 23:07:22 +00:00
1. **UNION-based SQL injection**: This type of SQL injection occurs when an attacker is able to use the UNION SQL operator to combine the results of two or more SELECT statements into a single result. This can be used to extract sensitive data from a database, or even to gain access to the underlying operating system.
2. **Error-based SQL injection**: This type of SQL injection relies on error messages generated by the database to reveal information about the structure of the underlying SQL query. By carefully crafting their input, an attacker can use this information to construct a successful SQL injection attack.
3. **Stacked query SQL injection**: This type of SQL injection occurs when an attacker is able to insert multiple SQL statements into a single input field. This can be used to bypass authentication controls, or to gain access to sensitive data.
4. **Blind SQL injection**: This type of SQL injection occurs when an attacker is able to inject a SQL query, but is unable to see the results of the query. Instead, the attacker must rely on indirect clues to determine the outcome of the query.
5. **Time-based SQL injection**: This type of SQL injection relies on the time it takes for a database to respond to a query in order to extract sensitive information. By carefully measuring the response time of the database, an attacker can use this information to infer the contents of the database.
6. **In-band SQL injection**: This type of SQL injection occurs when an attacker is able to extract sensitive data by using the same channel that was used to inject the SQL query. This can be done using the same web page or network connection that was used to submit the initial query.
7. **Out-of-band SQL injection**: This type of SQL injection occurs when an attacker is able to extract sensitive data using a different channel than the one that was used to inject the SQL query. This can be done by sending the data to a remote server, or by using other means to exfiltrate the data.
8. **Inferential SQL injection**: This type of SQL injection occurs when an attacker is able to infer sensitive information by observing the behavior of the database in response to a series of carefully crafted queries. This can be done by looking at the response time of the database, or by observing other clues that may be present in the response.
9. **Second-order SQL injection**: This type of SQL injection occurs when an attacker is able to submit input containing SQL, but that SQL is not executed immediately. Instead, the input is stored in the database and is executed at a later time, when the application reads it back and uses it in another query. This can be used to bypass authentication controls, or to gain access to sensitive data.
10. **Boolean-based SQL injection**: This type of SQL injection relies on the use of boolean logic to extract sensitive information from a database. By carefully crafting their input, an attacker can use this technique to determine the structure of the underlying SQL query, or to gain access to sensitive data.
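
The second-order case (item 9) is the one most often missed in code review, because the write path can look safe. The following is an added example, not code from the original notes: it uses Python's `sqlite3` with a hypothetical `users`/`notes` schema and a constructed stored value, and shows that binding parameters only on the INSERT is not enough; the later query that reuses the stored value must bind it too.

```python
import sqlite3

# Constructed sample value: a stored display name that contains SQL syntax.
STORED_NAME = "x' OR '1'='1"


def make_db():
    """Build an in-memory database with a hypothetical schema (not from the page)."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(
        """
        CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT);
        CREATE TABLE notes (owner TEXT, body TEXT);
        INSERT INTO notes VALUES ('alice', 'alice private note');
        INSERT INTO notes VALUES ('bob', 'bob private note');
        """
    )
    # Write path: the value is bound as a parameter, so nothing is injected
    # here. It is stored verbatim as plain text.
    conn.execute("INSERT INTO users (name) VALUES (?)", (STORED_NAME,))
    return conn


def stored_name(conn):
    """Read the stored value back, as a later request would."""
    return conn.execute("SELECT name FROM users WHERE id = 1").fetchone()[0]


def notes_unsafe(conn):
    """Vulnerable read path: trusts the value because it came from the database."""
    sql = "SELECT body FROM notes WHERE owner = '" + stored_name(conn) + "'"
    return [row[0] for row in conn.execute(sql)]


def notes_safe(conn):
    """Hardened read path: the stored value is bound as data, like any other input."""
    sql = "SELECT body FROM notes WHERE owner = ?"
    return [row[0] for row in conn.execute(sql, (stored_name(conn),))]


if __name__ == "__main__":
    db = make_db()
    print("unsafe:", notes_unsafe(db))  # returns every user's notes
    print("safe:  ", notes_safe(db))    # returns no rows
```

When auditing for this class, trace every place a stored column is concatenated into a query string, not only the request handlers that accept input directly.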