From the course: CompTIA Security+ (SY0-701) Cert Prep
Join today to access over 25,300 courses taught by industry experts.
SQL injection
From the course: CompTIA Security+ (SY0-701) Cert Prep
SQL injection
(gentle music) - SQL injection is a very common and popular form of attack. SQL is the structured query language. In this section, we're going to look at the SQL injection attack and how it operates from a high level. So the first thing to talk about is how SQL injection works overall or how SQL itself works. And so what SQL injection is, or what a SQL injection attack does is it injects a little piece of logic into a standard SQL query, such as the one seen in red now. Where this query says Select star from the table called users where ID equals 2968. So this is a standard SQL query, but with SQL, what it's going to do is it's going to go to the table users. It's going to grab all of the records where the condition ID equals 2968. It's going to choose that row, that record, and return that result, or any results where that clause is true. In this case, there's probably only going to be one row that has an ID 2968. And so that's what's going to be returned. Oftentimes with web…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.
Contents
-
-
-
-
-
-
(Locked)
Cryptographic attacks12m 54s
-
(Locked)
Hardware attacks4m 29s
-
(Locked)
Network and application attacks13m 39s
-
(Locked)
Malware9m 50s
-
(Locked)
SQL injection9m 52s
-
Vulnerabilities15m 20s
-
(Locked)
CSRF3m 4s
-
(Locked)
Directory traversal2m 46s
-
(Locked)
Pass the hash2m 55s
-
(Locked)
XSS6m 38s
-
(Locked)
-
-
-
-
-
-
-
-
-
-
-