Key Takeaways

  • SQLi happens when a site pastes user input straight into a SQL query instead of treating it as data.
  • Attackers use it to bypass logins or to read, change and delete data.
  • It is one of the oldest web vulnerabilities and still one of the most damaging.
  • Fix: always use prepared statements (parameterized queries), which bind input as data so it can never be parsed as SQL.

How typing ' OR 1=1 -- into a login box can break into a bank's web application. It sounds like a movie plot, but it is real.

The Database Language

Websites use SQL (Structured Query Language) to talk to their database. When you log in, the site builds a query that asks the database: "Find the user whose name is 'Bob' and whose password is '123'". The trouble starts when the name and password you typed are glued into that query as raw text.

The Hack

If the developer builds the query by concatenating strings, whatever the attacker types into the name field becomes part of the SQL statement itself.

Instead of just "Bob", the attacker types ' OR 1=1 --. The single quote closes the name string early, OR 1=1 adds a condition that is always true, and -- turns the rest of the query (including the password check) into a comment. The question the database now hears is: "Find every user where the name is empty OR 1 equals 1".

Since 1 always equals 1, that condition matches every row. The application typically logs in whoever the first returned row belongs to, which is very often the administrator account because it was created first, so the attacker is in without knowing any password.
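The attack and the fix, played end to end in an added example that is not code from the original article. It uses Python's standard-library sqlite3 module with a constructed in-memory users table; the table layout, the two accounts and the exact query shapes are assumptions made for this example (a real login would compare password hashes rather than plaintext, which does not change the injection).

```python
import sqlite3

PAYLOAD = "' OR 1=1 --"          # the classic login-bypass payload from the article


def build_db():
    """Constructed sample database: two users, the admin created first (assumption)."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, password TEXT)"
    )
    conn.executemany(
        "INSERT INTO users (name, password) VALUES (?, ?)",
        [("admin", "correct horse battery staple"), ("bob", "123")],
    )
    conn.commit()
    return conn


def build_vulnerable_query(name, password):
    """The careless pattern: user input is pasted straight into the SQL text."""
    return (
        "SELECT name FROM users WHERE name = '" + name
        + "' AND password = '" + password + "'"
    )


def vulnerable_login(conn, name, password):
    """Runs the concatenated query and logs in whoever the first row belongs to."""
    row = conn.execute(build_vulnerable_query(name, password)).fetchone()
    return row[0] if row else None


def safe_login(conn, name, password):
    """The fix: a parameterized query. Input is bound as data, never parsed as SQL."""
    query = "SELECT name FROM users WHERE name = ? AND password = ?"
    row = conn.execute(query, (name, password)).fetchone()
    return row[0] if row else None


if __name__ == "__main__":
    conn = build_db()
    # What the database actually receives when the payload is concatenated in:
    # SELECT name FROM users WHERE name = '' OR 1=1 --' AND password = 'anything'
    print(build_vulnerable_query(PAYLOAD, "anything"))
    print(vulnerable_login(conn, "bob", "123"))          # bob   (normal login)
    print(vulnerable_login(conn, PAYLOAD, "anything"))   # admin (bypass, first row)
    print(vulnerable_login(conn, "admin' --", "x"))      # admin (targeted bypass)
    print(safe_login(conn, PAYLOAD, "anything"))         # None  (payload is just a name)
```

In the parameterized version the database driver sends the statement and the values separately, so the quote, the OR and the comment marker are looked up as a literal username and match nothing. The `admin' --` variant shows that an attacker who knows a username can pick which account to become rather than relying on row order.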

Impact

SQLi can let attackers dump entire customer tables (emails, password hashes, card data), alter or delete data, and in some configurations run commands on the database host itself. On Microsoft SQL Server the classic route is the `xp_cmdshell` stored procedure, which is disabled by default and should stay that way.

Frequently Asked Questions (FAQ)

Can I practice SQLi legally?
Yes! Do NOT hack real sites. Use legal practice platforms like "DVWA" (Damn Vulnerable Web App) or "OWASP Juice Shop" or "PortSwigger Web Security Academy".
Is my WordPress site safe?
Usually, yes, if you keep core, themes and plugins updated. SQLi in the WordPress ecosystem most often appears in poorly coded third-party plugins, so install as few plugins as you can and remove the ones you no longer use.
