reply to discussion below wk5cmit colins


Having a website on the internet without completed code vulnerability assessments, or with unsanitized form fields, can leave a huge hole for hackers to jump right in and completely mess up any SQL tables running on the database server or even attack the servers themselves.

By allowing SQL commands to be sent through the form fields (obviously not on purpose, but by oversight), the attacker can just type in an SQL query to check if the form is vulnerable to SQL insertion. In a guide written by Haroon Meer, he would input something like:

blah' OR 1=1--

and if the form or web page returned an error that looked like:

Microsoft OLE DB Provider for SQL Server error '80040e14'

Unclosed quotation mark before the character string ” and Password=”.

/login.asp, line 40

then the attacker knows that the form did not sanitize form fields and allowed SQL to pass through to the SQL database. Now the attacker would easily be able to continue sending commands through the form field to log in as different users or create accounts, give them administrator access, then either steal everyone's information or wreak havoc by deleting all of the tables.

This short guide (citation below) was very short but easy to read, and covered how to test a website for SQL insertion vulnerabilities, then how to try logging in as an administrator, and then how to read tables and gather usernames. This certainly helped explain it a bit better than the CEH handbook!

Meer, H. (n.d.). SQL Insertion. Retrieved June 16, 2019, from
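The behaviour described in the post, shown from the defender's side as an added example that is not part of the original post or of Meer's guide: a login query built by string concatenation next to the same query with bound parameters. It assumes SQLite in place of SQL Server, and the table, rows and function names are constructed for illustration.

```python
import sqlite3

def make_db():
    """In-memory users table; all rows are constructed sample data."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (username TEXT, password TEXT, is_admin INTEGER)")
    db.executemany(
        "INSERT INTO users VALUES (?, ?, ?)",
        [("admin", "s3cret-constructed", 1), ("alice", "hunter2-constructed", 0)],
    )
    return db

def login_concatenated(db, username, password):
    """Vulnerable form handler: input is pasted into the SQL text itself."""
    sql = ("SELECT username FROM users WHERE username='" + username +
           "' AND password='" + password + "'")
    return db.execute(sql).fetchone()

def login_parameterized(db, username, password):
    """Hardened form handler: input is bound as data, never parsed as SQL."""
    sql = "SELECT username FROM users WHERE username=? AND password=?"
    return db.execute(sql, (username, password)).fetchone()

def outcome(handler, db, username, password):
    """Return the matched row, None for a failed login, or 'sql-error'
    when the input broke the statement (the signal the post describes)."""
    try:
        return handler(db, username, password)
    except sqlite3.OperationalError:
        return "sql-error"

if __name__ == "__main__":
    db = make_db()
    inputs = [
        ("blah'", "x"),                    # stray quote: reveals parsing of input
        ("blah' OR 1=1--", "x"),           # string quoted in the post
        ("alice", "hunter2-constructed"),  # legitimate login
    ]
    for handler in (login_concatenated, login_parameterized):
        for user, pw in inputs:
            print(handler.__name__, repr(user), "->", outcome(handler, db, user, pw))
```

In the concatenated handler the stray quote produces a database error and the quoted string logs in as the first row in the table; the parameterized handler rejects both and still accepts the legitimate login.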
