Injection 101
Injection is one of the most well-known classes of vulnerabilities, and its undisputed poster child, surprising no one, is SQL Injection. It’s hard to avoid hearing about SQL injection in the tech world, so that is where we’ll start.
With SQL Injection, it’s possible to manipulate the behavior of an SQL query into doing the bidding of an attacker.
There are also many other types of injection that, while different on their surface, all work based on the same principle.
Just to recap, some of the most common injection types are:
- SQL Injection
- Cross-Site Scripting (HTML/JavaScript injection)
- Path Traversal (Path/URL injection)
- Command Injection
- Code Injection
A Little Injection 101
If you look at the previous list of injection types, they all have one thing in common: they all involve a string, which is run through an interpreter, which then does whatever the string represents. We've marked "user input" with curly brackets.
So, what would happen if the insertion of user input was insecure? What could an attacker do? Again, everything within the curly brackets is considered “user input” in this scenario.
In these examples, take note of how the user input can be used to influence the result.
This is the essence of what injection is. It's influencing what gets passed to the interpreter, in order to get it to do something other than what the original programmer intended.
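The same principle shown with SQL, as an added example that is not part of the original page: the first lookup pastes the input into the string the SQL interpreter parses, the second binds it as a value. The table, the function names and the sample rows and inputs are constructed for illustration.

```python
import sqlite3

def make_db():
    """Build an in-memory database with constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT, role TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?)",
                   [("alice", "admin"), ("bob", "user"), ("carol", "user")])
    return db

def build_query(name):
    """Insecure: the input becomes part of the text the interpreter parses."""
    return "SELECT name FROM users WHERE name = '{}'".format(name)

def lookup_insecure(db, name):
    """Run the concatenated query; the input can change the query's structure."""
    return [row[0] for row in db.execute(build_query(name))]

def lookup_parameterized(db, name):
    """Secure: the query text is fixed and the input is bound as a value only."""
    return [row[0] for row in db.execute(
        "SELECT name FROM users WHERE name = ?", (name,))]

if __name__ == "__main__":
    db = make_db()
    # Constructed inputs: an ordinary name, and one containing a quote
    # that ends the string literal early in the concatenated query.
    for value in ("bob", "x' OR '1'='1"):
        print("input         :", repr(value))
        print("  query text  :", build_query(value))
        print("  insecure    :", lookup_insecure(db, value))
        print("  parameterized:", lookup_parameterized(db, value))
```

With the second input the concatenated query's `WHERE` clause is always true, so it returns every row, while the parameterized query treats the whole input as a name and matches nothing.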
Those are just the basics to consider. We’ve separated some of the different injection types onto their own pages because they deserve a little more attention.
You can find them here: