SQL Injection Slides
Dawid Czagan
SECURITY INSTRUCTOR
@dawidczagan
Overview
Understanding SQL Injection
↓
Bypass Password Verification
↓
Unauthorized Access to User’s Account
SELECT * FROM users WHERE email = '[email protected]' and password = 'xyz'
SQL Injection
Sanitization (Parameterized Query)
dbStatementExecute();
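The login query from the slide, built first by string concatenation and then as a parameterized query. This is an added example and not code from the original slides; Python's sqlite3 module, the table contents, the function names and the crafted input are assumptions constructed for illustration.

```python
import sqlite3

def make_db():
    """In-memory users table holding one constructed account."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (email TEXT, password TEXT)")
    # Plaintext password only mirrors the slide's query; store a hash in practice.
    conn.execute("INSERT INTO users VALUES (?, ?)",
                 ("alice@example.test", "correct-horse"))
    return conn

def login_concatenated(conn, email, password):
    """Vulnerable form: user input is spliced into the SQL text."""
    sql = ("SELECT * FROM users WHERE email = '" + email +
           "' and password = '" + password + "'")
    return conn.execute(sql).fetchone() is not None

def login_parameterized(conn, email, password):
    """Hardened form: the SQL text is fixed, values are bound separately."""
    sql = "SELECT * FROM users WHERE email = ? and password = ?"
    return conn.execute(sql, (email, password)).fetchone() is not None

# Constructed regression input: the quote closes the string literal and
# "--" turns the password comparison into a comment.
CRAFTED_EMAIL = "alice@example.test' --"

def run_checks():
    """Run both login functions over the same inputs and collect the results."""
    conn = make_db()
    cases = {
        "valid": ("alice@example.test", "correct-horse"),
        "wrong_pw": ("alice@example.test", "wrong"),
        "crafted": (CRAFTED_EMAIL, "wrong"),
    }
    results = {}
    for name, (email, password) in cases.items():
        results["concat_" + name] = login_concatenated(conn, email, password)
        results["param_" + name] = login_parameterized(conn, email, password)
    return results

if __name__ == "__main__":
    for name, accepted in run_checks().items():
        print(f"{name}: {'login accepted' if accepted else 'login rejected'}")
```

The same three inputs make a useful regression test for any login handler: only the valid pair should ever be accepted.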
Summary
SQL Injection
↓
Bypass Password Verification
Sanitization (Parameterized Query)