Tell Me Glossary

1.3 Types of SQL Injection Attacks

Previous previous|next Next Page

The impact of SQL injection attacks may vary from gathering of sensitive data to manipulating database information, and from executing system-level commands to denial of service of the application. The impact also depends on the database on the target machine and the roles and privileges the SQL statement runs with.

Researchers generally divide injection attacks into three categories:

First Order Attack The attacker can simply enter a malicious string and cause the modified code to be executed immediately.
Second Order Attack The attacker injects into persistent storage (such as a table row) which is deemed as a trusted source. An attack is subsequently executed by another activity.
Lateral Injection. The attacker can manipulate the implicit function To_Char() by changing the values of the environment variables, NLS_Date_Format or NLS_Numeric_Characters.

SQL injection attacks do not have to return data directly to the user to be useful. “Blind” attacks (for example, that create a database user, but otherwise return no data) can still be very useful to an attacker.

In addition, hackers are known to use timing or other performance indicators, and even error messages to deduce the success or results of an attack.