Here is a list of top 10 interview questions related to SQL injection. SQL injection is the topmost vulnerability in OWASP Top 10.
Q1. What is SQL Injection?
Ans: SQL injection is a vulnerability by which an attacker execute malicious SQL queries on the backend database by manipulating the input to the application.
Q2. Is it just ASP and SQL Server or are all platforms vulnerable?
Ans: SQL injection is the most widespread vulnerability among all platforms. Improper input validation and use of dynamic SQL queries are the main causes of SQL injection.
Q3. Apart from username and password which variables are candidates for SQL Injection?
Ans: Any input field like credit card number, account number etc. which extracts data from database by using where clause are the candidates of SQL injection. In addition to form fields, an attacker can use hidden fields and query strings for successful exploitation.
Q4. What’s the worst an attacker can do with SQL?
Ans: SQL, is a language used to create and manage database stored in RDBMS. If SQL injection vulnerability is available in the application, the following are the possibilities:
- Bypass authentication may possible
- confidentiality of data may be lost as an attacker may able to see data on exploiting SQL injection vulnerability
- attacker can delete entries in the database
- an attacker can alter data in the database
Q5. What is Blind SQL Injection?
Ans: Blind SQL Injection is a type of SQL injection where an attacker asks true and false questions to the database. Based on error messages, attacker craft more specific questions to the database to extract more information. This is little difficult to exploit, but not impossible.
Q6. How do we prevent SQL Injection in our applications?
Ans: Here are some options to prevent SQL injection:
- Use prepared statement to write database queries.
- Sometimes the use of stored procedure also helps in mitigating SQL injection
- Use whitelist input validation
- Provide less privilege to database account. Don’t grant rights related to create and delete to application accounts. Avoid running DBMS as root or system.
Q7. I’m using stored procedures for authentication, am I vulnerable?
Ans: Use of stored procedure is one way to secure web application from SQL injection attack. By using a stored procedure, the user input is no longer used to build the query dynamically. But still, one way left for SQL injection attack. If the stored procedure takes input and used same input to build a query without validating it. Although it is difficult in the practical scenario, but not impossible.
Q9. Are Java servlets vulnerable to SQL injection?
Ans: Yes, Java servlets are also vulnerable to SQL injection if input validation is not enforced and if they build SQL queries dynamically. Java servlets also have some mechanism to mitigate SQL injection such as Callable Statements and Prepared Statements.
Q10. Can an automated scanner discover SQL Injection?
Ans: Although security researcher working very hard to develop automated scanner which discovers all the issues, sometimes scanner miss some issues. So it is good practice to check SQL injection manually while doing security testing.
Subscribe us to receive more such articles updates in your email.
If you have any questions, feel free to ask in the comments section below. Nothing gives me greater joy than helping my readers!
Disclaimer: This tutorial is for educational purpose only. Individual is solely responsible for any illegal act.