Glossary of Security Terms: SQL Injection

Written by mozilla | Published 2020/09/12

TLDR: Hackers can maliciously pass commands through the Web app for execution by a backend database. Many data breaches are due to SQL injection. Hackers use a simple string called a Magical String, for example: username: admin; password: anything 'or'1'='1. The condition password=anything results in FALSE, but '1'='1' is a TRUE statement, and hence the query returns a true value. As a defence, each single quote (') in the input string is replaced with double quotes ("), and due to (2) a (/) is added before every ('). The revised magical string fails to bypass the authentication, and your database stays secure.


Written by mozilla | Mozilla (stylized as moz://a) is a free software community founded in 1998 by members of Netscape.
Published by HackerNoon on 2020/09/12