“A Walk to Secure Future” – Part 5
Let us discuss about injection techniques. Injections are small scripts which tamper with the loops in the security implemented by the administrators and take undue advantage of it. Creating injections require extensive knowledge of the scripting language used. Injections are to be supplemented in background of relevant and accepted data. It may be OBFUSCATED or hidden behind links etc. Common injections used today are made in SQL, PHP, JAVA, PYTHON, ORACLE etc. Depending upon the quality of data to be stolen, the impact level, access point, target field, scripting language of the injection is decided. Servers may be hosted on different operating systems. They may support certain protocols, amends, backgrounds, environments. Thus the injection to be made must be carefully developed.
Let us talk about SQL injections since they are the most used ones in the underworld.
SQL is a basically a database monitoring language. In complex websites with multi approach framework, it becomes very important to maintain database in forms of tables and rows and columns. However, it allows you to output values stored in its fields using injection technique. A detailed explanation about this, I have added in the resources.
A Guide to SQL Injections
Talking about securing your codes and their security, I have already started a discussion about obfuscation of codes and will post in related content every now and then.
Here is the link to it.
An Introduction to Obfuscated Coding