How does a SQL Injection Work? | Glossary | Contrast Security (2024)

Table of Contents
Types of SQL Injection Attacks In-band SQL injection attack Inferential SQL injection attack Out-of-band SQL injection attack

Types of SQL Injection Attacks

SQL injection can be categorized into three categories: in-band, inferential, and out-of-band.

In-band SQL injection attack

In-band SQL injection is the most frequent and commonly used SQL injection attack. The transfer of data used in in-band attacks can either be done through error messages on the web or by using the UNION operator in SQL statements. There are two types of in-band SQL injection: union-based and error-based SQL injection.

  • Union-based SQL injection.When an application is vulnerable to SQL injection and the application’s responses return the results for a query, attackers use the UNION keyword to retrieve data from other tables of the application database.
  • Error-based SQL injection.The error-based SQL injection technique relies on error messages thrown by the application database servers. Here, attackers use the error message information to determine the entities of the database.

Inferential SQL injection attack

Inferential SQL injection is also known as a blind SQL injection attack. In a blind SQL injection attack, after sending a data payload, the attacker observes the behavior and responses to determine the data structure of the database.

There are two types of blind or inferential SQL injection attacks: Boolean and time based.

  • Boolean based.The Boolean-based technique sends SQL queries to the database to force the application to return a Boolean result—that is, either a TRUE or FALSE result. Attackers perform various queries blindly to determine the vulnerability.
  • Time based.The time-based SQL injection attack is often used when an application returns generic error messages. This technique forces the database to wait for a specific time. The response time helps the attacker to identify the query returns as TRUE or FALSE.

Out-of-band SQL injection attack

The out-of-band SQL injection attack requests that the application transmit data via any protocol—HTTP, DNS, or SMB. To perform this type of attack, the following functions can be used on Microsoft SQL and MySQL databases, respectively:

  • MS SQL: master..xp _dirtree
  • MySQL: LOAD_FILE()
See Also
SQL InjectionSQL Injection: What Is It, How Does It Work, and How to Stay Safe?SQL Injection: The Cyber Attack Hiding in Your Database
How does a SQL Injection Work? | Glossary | Contrast Security (2024)
Top Articles
About Dashboards - Analytics Help
ITIL®4 Guiding Principles (with Real-Time Examples)
How To Get Weapon Enhancement Gears - Solo Leveling: Arise - Playoholic
Star Wars (film) - Wikiquote
Latest Posts
Resort Management: Evolution, Trends, Departments, Duties, Responsibilities
Project Initiation: Starting a Successful Project coursera quiz answers - Courseinside
Article information

Author: Catherine Tremblay

Last Updated:

Views: 6186

Rating: 4.7 / 5 (47 voted)

Reviews: 94% of readers found this page helpful

Author information

Name: Catherine Tremblay

Birthday: 1999-09-23

Address: Suite 461 73643 Sherril Loaf, Dickinsonland, AZ 47941-2379

Phone: +2678139151039

Job: International Administration Supervisor

Hobby: Dowsing, Snowboarding, Rowing, Beekeeping, Calligraphy, Shooting, Air sports

Introduction: My name is Catherine Tremblay, I am a precious, perfect, tasty, enthusiastic, inexpensive, vast, kind person who loves writing and wants to share my knowledge and understanding with you.