SQL Injection and Database Concepts

Application firewall

SQL database server

Network router

Web server

To crash the web server

To slow down the network

To retrieve unauthorized information from the database

To update the web server software

The user is not authorized

The database is not reachable

The SQL query was accepted but had a syntax error

The web server is down

1' OR '1'='1

SELECT * FROM users

DROP TABLE users

INSERT INTO users VALUES ('admin', 'password')

Morgan

Gordon

Pablo

Bob

Deletes data from a table

Combines results from multiple queries

Updates data in a table

Creates a new table

To manage database connections

To log user activities

To store metadata about the database

To store user passwords

userID

firstName

lastName

name

%2F

%40

%20

%27

Frequent 404 errors

High CPU usage

Slow page load times

Presence of SQL keywords like UNION and SELECT