
SQLi Demonstration

I am a student interested in cybersecurity and more into the analysis, reporting, documenting, auditing, policies, scanning and automation side of cybersecurity.

Introduction

A great way to get a full understanding of any particular cybersecurity topic is actually to implement it. Rather than learning only theoretically how SQL Injection (SQLi) works, I've built a simple project demonstrating how this attack can be conducted in a controlled setting.

The purpose of this project, called "SQLi Login System", was not to develop a secure login page for some application, but to demonstrate how an SQL injection can be conducted against deliberately vulnerable code. This gave me the opportunity to gain a deeper understanding of database usage and secure coding techniques.

Starting with the Database

The first part involved creating a database and understanding how information is stored and accessed. I created a small database with one table of sample users and ran a few experiments on retrieving information through SQL queries.

At this point, my focus was mainly on grasping the basics, including:

  • Creating a database and its tables,

  • Entering sample data into the database,

  • Extracting data using SQL queries,

  • Comparing login information with entries in the database.

Connecting Python to the Database

Upon learning the basics of database handling, I integrated the database into my program by incorporating the mysql-connector module in Python.

This way, queries built from user input could be executed against the database. I designed a very simple login system that asked the user for a name and password and checked whether those credentials were present in the database.

Once I completed this step, I started testing for SQL injection attacks. I tried various payloads against queries constructed in an insecure fashion, which showed how user input can alter the query logic and bypass authentication.

The practical demonstration of this weakness helped me learn more about SQL injection than just reading about it theoretically.
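The login check described above, written out as an added example that is not the original project's code: the vulnerable string-concatenated query sits beside a parameterised version so the two behaviours can be compared on the same input. It assumes sqlite3 in place of MySQL and mysql-connector so that it runs offline; the table, the sample users and the credentials are constructed for the demo.

```python
import sqlite3

# Constructed sample data; sqlite3 stands in for MySQL so the demo runs offline.
SAMPLE_USERS = [("alice", "correct-horse"), ("admin", "s3cret-admin")]


def build_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)", SAMPLE_USERS)
    return conn


def render_vulnerable_query(username, password):
    # The defect: user input is concatenated into the SQL text, so a quote in
    # the input closes the string literal and the remainder is parsed as SQL.
    return ("SELECT username FROM users WHERE username = '" + username
            + "' AND password = '" + password + "'")


def login_vulnerable(conn, username, password):
    row = conn.execute(render_vulnerable_query(username, password)).fetchone()
    return row is not None


def login_safe(conn, username, password):
    # Parameterised query: the SQL text and the values travel separately, so
    # the input can only ever be compared as data. (mysql-connector uses %s
    # placeholders with the same cursor.execute(query, params) shape.)
    row = conn.execute(
        "SELECT username FROM users WHERE username = ? AND password = ?",
        (username, password),
    ).fetchone()
    return row is not None


def compare(username, password):
    """Run the same credentials through both versions of the login check."""
    conn = build_db()
    try:
        return {
            "vulnerable": login_vulnerable(conn, username, password),
            "safe": login_safe(conn, username, password),
        }
    finally:
        conn.close()


if __name__ == "__main__":
    print(compare("alice", "correct-horse"))   # both True: valid credentials
    print(compare("alice", "wrong"))           # both False: wrong password
    print(compare("nobody", "' OR '1'='1"))    # vulnerable True, safe False
```

The third call shows the defect: the tautology in the password field turns the WHERE clause into `... AND password = '' OR '1'='1'`, which matches every row, while the parameterised version simply compares the literal text and finds no user.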

Creating a User Interface

Since everything in the back end had been accomplished, the next thing I considered was making this whole thing more interesting and understandable.

For my first try, I made a graphical user interface using Python’s Tkinter module. It did work, but the interface was too boring and not visually appealing at all.

Even though the attack worked through Tkinter, I found that a web-based interface would be a more realistic representation of where this type of attack occurs.

Moving to a Web-Based Demonstration

In order to enhance the way the project is presented, I redesigned the front-end with:

  • HTML

  • CSS

  • JavaScript

A login page was developed, simulating the login form of a web application. This gave the demonstration a more real-world feel and helped the user navigate the system more easily.

The web interface also enabled a clear distinction between the front end and back end, allowing me to gain a deeper understanding of web application operations.

Simulating Administrative Access

I felt that the basic login bypass was a rather incomplete experiment, so I expanded the project.

This consisted of creating fake records that could only be viewed by an administrator. When the SQL injection payload successfully bypasses authentication, the user is shown these records.

These records were purely fictional and were created for educational purposes only.

This helped show one of the most dangerous consequences of SQL injection: an attacker could gain access to data they were never supposed to see.

What I Learned

This was not a learning experience limited to SQL injection.

Important takeaways were:

  • How data is stored and retrieved from a database

  • How applications interact with a database

  • The dangers of trusting user input

  • The importance of proper query management

  • The usefulness of creating practical demos while studying cybersecurity

The most important takeaway was learning about vulnerabilities through the eyes of an attacker.

Conclusion

This project, the SQLi Login System, is a teaching tool designed to provide an understanding of how SQL injection vulnerabilities occur in applications that fail to handle user-supplied data correctly. Through building a simple database, using it from Python, testing dangerous queries, and finally designing a web page around it, I have learned about one of the best-known vulnerabilities in web applications.

Of course, this program deliberately contains vulnerable code as an example for study, but the ultimate goal of the project is not only to teach, but to prevent such issues in future applications.