SQL Injection, a term that is familiar in the world of accounting. The term SQL Injection is very well known, even to be a celebrity in the hacking world you can’t miss. SQL Injection has been on the rise in Indonesia since the site was breached KPU in the 2004 General Election. Imagine, the system that supposedly said with multi-layered security for 152 billion, you can being broken into without having to be tired of port scanning, looking for an ip address, trace route, and so on. In action hacking technique, SQL This injection does not require any tools, because we have enough with a browser to perform SQL injection actions.
You could say SQL Injection is a method for entering SQL commands as input via a web to gain database access. This is especially true of scripts which does not perform input validation. Hence it was at the beginning this book, I provide an explanation of databases and SQL first.
In this book I will try to review SQL injection starting from the basic stage of introduction, information gathering and exploitation up to advanced. Because without a solid foundation, an expert although he will not be able to master the field That’s why, I compiled this book starting from simple things Before we enter the world of SQL Injection, in the first chapter in this book I want to invite you to get to know a little web server while preparing your computer as a web server.
A simple illustration, suppose you are opening a website using a browser. This means your computer is connected to a server computer that contains various data or web pages that you request (request) to be displayed on your computer screen. Simply put, that is what is called a web server. There are many applications that can be used as a web server, such as Apache, Xitami, PWS, IIS, and so on.
Why do I start this article with a discussion of the web server. This is because in performing this SQL injection, you don’t need a lot of infrastructure. Like having to check whois, circumventing firewalls, and so on. Action hacking with SQL techniques Injection can be used with just a browser to access the web server. That is why, to start this chapter, we will prepare the infrastructure to build it the computer or laptop that you are currently using a web server. This will support your activities for perform various SQL Injection actions which are described later in this article. For further information, please see the next article, bye