In this chapter, you learned some of the many vectors that cause SQL injection, from the design and architecture of an application, to the developer behaviors and coding patterns that are used in building the application. We discussed how the popular multiple-tier (n-tier) architecture for Web applications will commonly have a storage tier with a database that is interacted with by database queries generated at another tier, often in part with user-supplied information. And we discussed that dynamic string building (otherwise known as dynamic SQL), the practice of assembling the SQL query as a string concatenated together with user-supplied input, causes SQL injection, as the attacker can change the logic and structure of the SQL query to execute database commands that are very different from those that the developer intended.
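As a recap of the dynamic string building problem described above, the following added example (not one of the chapter's own listings) builds the same query two ways against an in-memory SQLite database and compares the results. The table, column names, function names, and input values are all constructed for illustration.

```python
import sqlite3

def make_storage_tier():
    """In-memory database standing in for the storage tier (constructed data)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE products (id INTEGER PRIMARY KEY, name TEXT,"
               " category TEXT, released INTEGER)")
    db.executemany(
        "INSERT INTO products (name, category, released) VALUES (?, ?, ?)",
        [("Widget", "tools", 1), ("Gadget", "tools", 1), ("Prototype", "lab", 0)],
    )
    return db

def find_dynamic(db, category):
    # Dynamic SQL: the user-supplied value becomes part of the SQL text, so a
    # quote character in it is parsed as SQL syntax rather than as data.
    sql = ("SELECT name FROM products WHERE released = 1 AND category = '"
           + category + "' ORDER BY id")
    return sql, [row[0] for row in db.execute(sql)]

def find_parameterized(db, category):
    # Parameterized: the SQL text is fixed; the value is bound separately and
    # can never alter the structure of the statement.
    sql = "SELECT name FROM products WHERE released = 1 AND category = ? ORDER BY id"
    return sql, [row[0] for row in db.execute(sql, (category,))]

if __name__ == "__main__":
    db = make_storage_tier()
    # Constructed inputs: an ordinary value, a value that rewrites the WHERE
    # clause, and a legitimate value that merely contains an apostrophe.
    for value in ["tools", "tools' OR '1'='1", "men's"]:
        for finder in (find_dynamic, find_parameterized):
            try:
                sql, rows = finder(db, value)
                print(f"{finder.__name__:18} {value!r:22} -> {rows}\n    {sql}")
            except sqlite3.OperationalError as exc:
                print(f"{finder.__name__:18} {value!r:22} -> SQL error: {exc}")
```

With the second input, the concatenated query returns the unreleased row because the `OR` term now sits outside the developer's `released = 1 AND ...` condition, while the parameterized query treats the whole value as a category name and returns nothing. The third input shows the same root cause breaking a legitimate value in the concatenated version.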
In the forthcoming chapters, we will discuss SQL injection in much more depth, both in finding and in identifying SQL injection (Chapters 2 and 3), SQL injection attacks and what can be done through SQL injection (Chapters 4–7), how to defend against SQL injection (Chapters 8 and 9), and how to find out if you’ve been exploited or recover from SQL injection (Chapter 10). And finally, in Chapter 11, we present a number of handy reference resources, pointers, and cheat sheets intended to help you quickly find the information you’re looking for.
In the meantime, read through and try out this chapter’s examples again so that you cement your understanding of what SQL injection is and how it happens. With that knowledge, you’re already a long way toward being able to find, exploit, or fix SQL injection out there in the real world!