SQL Injection

In this video, we will take a look at how to perform some SQL injection attacks on a site, and we'll learn how to protect our sites from attacks.

SQL is demon spawn, and no self-respecting software developer should ever use it.

https://blog.cleancoder.com/uncle-bob/2017/12/03/BobbyTables.html

SQL databases have been around since the 70s and most websites these days use a SQL database to store data. However, SQL Injection attacks have been one of the most most common hacking techniques for the past 20 years.

In this video, we will take a look at how to perform some SQL injection attacks on a site, and we'll learn how to protect our sites from attacks.

The site I made serves up data about the Oscars. just enter the name of an actor, and you get details about them. I have two versions of this site, one in javascript using node, and one in PHP. We hack both versions.

Code: https://github.com/meech-ward/sql_injection

Injections:

https://raw.githubusercontent.com/meech-ward/sql_injection/master/sql/injection.md

Also, check out one of my favorite videos on the subject from computerphile: https://www.youtube.com/watch?v=ciNHn38EyRc

Find an issue with this page? Fix it on GitHub