How does a SQL injection attack take place What are some of

How does a SQL injection attack take place?

What are some of the tools that a hacker can use to crack passwords?

Solution

SQL injection takes advantage of the design flaws in poorly designed web applications to poison SQL statements to execute malicious statements. SQL Injections can do more harm than just by passing the login algorithms. Some of the attacks include

Deleting data

Updating data

Inserting data

Executing commands on the server that can download and install malicious programs such as Trojans

Exporting valuable data such as credit card details, email and passwords to the attacker’s remote server

Getting user login details etc

In order to run malicious SQL queries against a database server, an attacker must first find an input within the web application that is included inside of an SQL query.In order for an SQL Injection attack to take place, the vulnerable website needs to directly include user input within an SQL statement. An attacker can then insert a payload that will be included as part of the SQL query and run against the database server.

The tools that a hacker can use to crack passwords are:

LophtCrack,Medusa,John the Riper, Crowbar, etc.,