Saturday 19 May 2018

What is the SQL Injection Technique and How to Demonstrate It in ASP.NET



  • SQL Injection is a code injection technique.
  • It is the placement of malicious code in SQL strings built by an application.
  • SQL Injection is one of the most common web hacking techniques.
  • These attacks only work against applications that use SQL internally.

First we create a table Customer in SQL Server:
create table Customer
(
SrNo int identity(1,1),
Name  varchar(50),
Gender varchar(50),
Email_Id varchar (50) primary key,
Password varchar (50),
salary int
)

Then we insert a row into the table:
insert into Customer values('Deepak','Male','deepak@gmail.com','1234',456789)



After the insert we look the row up by Email_Id and Password:
select * from Customer where Email_Id='deepak@gmail.com' and Password='1234'


Now suppose we have no knowledge of the data present in the Customer table. We can still get rows back with the queries given below, because the appended condition is always true:

  • select * from Customer where Email_Id='deepak@gmail.com' or 1=1

  • SELECT * FROM Customer WHERE Email_Id='' or '1'='1' and Password='' or '1'='1'

As you can see from the queries above, the data can be read from the table without knowing a valid email or password. For this reason Microsoft introduced the parameter concept (parameterised queries), in which user input is bound as a value instead of being pasted into the SQL text.

******************************************************************

Let us see what happens when we pass the value without parameters in a web application built in Visual Studio .NET.

Markup of the LogIn page (Default.aspx)
<%@ Page Language="C#" AutoEventWireup="true" CodeFile="Default.aspx.cs" Inherits="_Default" %>

<!DOCTYPE html>

<html xmlns="http://www.w3.org/1999/xhtml">
<head runat="server">
    <title></title>
    <style type="text/css">
        .auto-style1 {
            width: 100%;
        }
        .auto-style2 {
            height: 26px;
        }
    </style>
</head>
<body style="height: 268px">
    <form id="form1" runat="server">
        <div>

            <table class="auto-style1">
                <tr>
                    <td>&nbsp;</td>
                    <td>&nbsp;</td>
                </tr>
                <tr>
                    <td>Email_id</td>
                    <td>
                        <asp:TextBox ID="txtEmail" runat="server"></asp:TextBox>
                    </td>
                </tr>
                <tr>
                    <td class="auto-style2">Password</td>
                    <td class="auto-style2">
                        <asp:TextBox ID="txtPassword" runat="server"></asp:TextBox>
                    </td>
                </tr>
                <tr>
                    <td>&nbsp;</td>
                    <td>&nbsp;</td>
                </tr>
                <tr>
                    <td>&nbsp;</td>
                    <td>
                        <asp:Button ID="Button1" runat="server" OnClick="Button1_Click" Text="Button" />
                        <asp:Label ID="Label1" runat="server" Text="Label"></asp:Label>
                    </td>
                </tr>
            </table>

        </div>
    </form>
</body>
</html>
***********************************************************


Code-behind of the LogIn page (Default.aspx.cs)
using System;
using System.Collections.Generic;
using System.Data.SqlClient;
using System.Drawing;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;

// The class name must match the Inherits="_Default" attribute of the page directive
public partial class _Default : System.Web.UI.Page
{
    protected void Page_Load(object sender, EventArgs e)
    {

    }

    protected void Button1_Click(object sender, EventArgs e)
    {
        using (SqlConnection con = new SqlConnection(@"Data Source=LAPTOP-46CG83DS;Initial Catalog=testdb;Integrated Security=True"))
        {
            SqlCommand cmd;

            // Case 1: the values are passed through the parameter concept.
            // Uncomment this block (and comment out case 2) to use it.
            //cmd = new SqlCommand("select * from Customer where Email_Id=@Email_Id and Password=@Password", con);
            //cmd.Parameters.AddWithValue("@Email_Id", txtEmail.Text);
            //cmd.Parameters.AddWithValue("@Password", txtPassword.Text);

            // Case 2: the values are NOT passed through parameters; the user input is
            // concatenated straight into the SQL string (this is the injectable version).
            cmd = new SqlCommand("select * from Customer where Email_Id='" + txtEmail.Text.Trim() + "' and Password='" + txtPassword.Text + "'", con);

            con.Open();
            using (SqlDataReader dr = cmd.ExecuteReader())
            {
                if (dr.HasRows)
                {
                    dr.Read();
                    Session["email"] = dr["Email_Id"].ToString();
                    Response.Redirect("welcom.aspx");
                }
                else
                {
                    Label1.ForeColor = Color.Red;
                    Label1.Text = "user id and password not found";
                }
            }
        }
    }
}

Note:

In the above code, when we do not follow the parameter concept, SQL injection lets us reach the welcome page easily: entering ' or '1'='1 as the password turns the WHERE clause into a condition that is always true, so the reader returns the first row of the table.

But when we pass the values as parameters, the data cannot be accessed this way. The input is treated as a literal string to compare against, so we have to enter a valid Email_Id and the correct Password before we can reach the welcome page.
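As an added, runnable illustration of the two cases in the note above and of the always-true queries earlier in the post (this is not code from the original post), the following Python script rebuilds the Customer table in an in-memory sqlite3 database and runs the login check both ways: with the input concatenated into the SQL text exactly like the Button1_Click code, and with bound parameters. Python and sqlite3 stand in for C# and SQL Server, `?` placeholders play the role of `@Email_Id`/`@Password`, and the sample row and the o'brien address are constructed for the demo.

```python
import sqlite3


def make_db():
    """Constructed in-memory copy of the post's Customer table (sqlite3 stands in for SQL Server)."""
    con = sqlite3.connect(":memory:")
    con.execute(
        "create table Customer ("
        " SrNo integer primary key autoincrement,"
        " Name varchar(50), Gender varchar(50),"
        " Email_Id varchar(50) unique, Password varchar(50), salary int)"
    )
    # Same sample row the post inserts
    con.execute(
        "insert into Customer (Name, Gender, Email_Id, Password, salary)"
        " values ('Deepak', 'Male', 'deepak@gmail.com', '1234', 456789)"
    )
    con.commit()
    return con


def login_concat(con, email, password):
    """Injectable version: mirrors the post's string-concatenated SqlCommand.

    Returns (status, sql) where status is 'granted', 'denied' or 'error'.
    """
    sql = ("select * from Customer where Email_Id='" + email.strip()
           + "' and Password='" + password + "'")
    try:
        rows = con.execute(sql).fetchall()
    except sqlite3.Error:
        # A stray quote in legitimate input (e.g. o'brien@...) breaks the statement
        return "error", sql
    return ("granted" if rows else "denied"), sql


def login_param(con, email, password):
    """Parameterised version: mirrors the post's @Email_Id/@Password parameters.

    sqlite3 uses '?' placeholders where SqlClient uses '@name'; the input is
    bound as data, so quotes inside it never reach the SQL parser as syntax.
    """
    sql = "select * from Customer where Email_Id=? and Password=?"
    rows = con.execute(sql, (email.strip(), password)).fetchall()
    return ("granted" if rows else "denied"), sql


if __name__ == "__main__":
    db = make_db()
    attempts = [
        ("deepak@gmail.com", "1234"),           # correct credentials
        ("deepak@gmail.com", "wrong"),          # wrong password
        ("nobody@example.com", "' or '1'='1"),  # the post's password payload
        ("' or '1'='1", "wrong"),               # same payload in the email field only
        ("o'brien@example.com", "x"),           # legitimate apostrophe in the input
    ]
    print("concat   param    email / password")
    for email, pw in attempts:
        print(login_concat(db, email, pw)[0].ljust(8),
              login_param(db, email, pw)[0].ljust(8), repr(email), repr(pw))
```

Two details worth noticing when you run it: the payload in the email field alone is denied even by the concatenated version, because AND binds tighter than OR and the password condition still has to hold, which is why the post's second query repeats the trick after `Password=''`; and a harmless apostrophe in a real address raises a syntax error in the concatenated version but is simply compared as data by the parameterised one.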




7 comments:

  1. Hey, Wow all the posts are very informative for the people who visit this site. Good work! We also have a Website. Please feel free to visit our site. Thank you for sharing.Well written article Thank You Sharing with Us pmp training fee | project management training certification | project management training in chennai | project management courses in chennai | project management certification online |

  2. CodeNinja is a digital product studio that specializes in web design & web development company in Lahore Pakistan. CodeNinja provides innovation as a service.We work with brands that change the market and achieve dreams through e-commerce solutions, SEO campaigns and modern website design. With highly qualified specialists in our team, we provide uncomplicated services at budgeted costs.

  3. Nice way to explain this SQL Injection technique in ASP.NET. Thanks for sharing this valuable information with us.

    website development company in Surat Gujarat

  4. Very informative post,
    Thanks for sharing, we really enjoyed your blog,
    iqra technology
