Introducing SQL Injection 333
■ Destruction or corruption of data through rewriting, altering, or other means.
■ Eliminating or altering transactions that have been or will be committed.
The Anatomy of a Web Application
A web application is the target of a SQL injection attack, so you must understand how
these apps work. A web app can be described simply as an application that is accessed
through a web browser or application (such as the apps on a smartphone). However, we
need to be a little more detailed with our description in order to better understand SQL
injection. In essence, a web application works by performing these steps:
- The user makes a request through the web browser from the Internet to the web server.
- The web server accepts the request and forwards it to the applicable web application server.
- The web application server performs the requested task.
- The web application accesses the entire database available to it and responds to the web server.
- The web server responds to the user once the transaction is complete.
- The requested information appears on the user's monitor.
The details involved in these steps can change depending on the application involved.
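As an added illustration (not from the book), the database-access step of the cycle above written two ways in Python against a constructed in-memory SQLite table: once with the request value spliced into the SQL text, once with it bound as a parameter. A username containing an apostrophe (O'Brien) is enough to show that in the first form user input is parsed as part of the statement, which is the condition SQL injection relies on.

```python
import sqlite3

# Constructed stand-in for the application's back-end database (not a real app's schema).
def build_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, email TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [("alice", "alice@example.test"), ("O'Brien", "obrien@example.test")],
    )
    conn.commit()
    return conn


def lookup_concat(conn, username):
    # The request value is spliced into the SQL text, so the database parser
    # sees whatever the user typed as part of the statement itself.
    sql = "SELECT email FROM users WHERE username = '" + username + "'"
    return conn.execute(sql).fetchall()


def lookup_param(conn, username):
    # The SQL text is fixed; the request value is bound separately as data.
    sql = "SELECT email FROM users WHERE username = ?"
    return conn.execute(sql, (username,)).fetchall()


def handle_request(conn, username, parameterised):
    """One request/response cycle reduced to its database-access step.
    Returns a dict the caller can inspect instead of printing."""
    try:
        lookup = lookup_param if parameterised else lookup_concat
        rows = lookup(conn, username)
        return {"ok": True, "emails": [email for (email,) in rows]}
    except sqlite3.Error as exc:
        # With concatenation the apostrophe in O'Brien ends the string literal
        # early and the remainder is parsed as SQL, so the statement is rejected.
        return {"ok": False, "error": str(exc)}


if __name__ == "__main__":
    db = build_db()
    for name in ("alice", "O'Brien"):
        print(name, "concat:", handle_request(db, name, False))
        print(name, "param: ", handle_request(db, name, True))
```

The parameterised form returns O'Brien's row while the concatenated form fails, because the bound value never reaches the SQL parser.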
Server-side vs. Client-side
First let's look at the types of technologies involved in browsing and working with the Web.
They mainly fall into two areas: client-side and server-side. Server-side technologies are
those that run and are executed on the server itself before delivering information to the
requester. Client-side technologies are those that run within the browser or elsewhere on
the client side. For the purposes of our discussion, we will not be covering client-side technologies here.
Server-side technologies come in many varieties and types, each of which offers
something specific to the user. Generally, each of these technologies allows for the creation
of dynamic and data-driven web applications. There is a wide range of server-side
technologies that you can use to create these types of web applications, among them:
■ ASP
■ ASP.NET
■ Oracle
■ PHP
■ JSP
■ SQL Server
■ IBM DB2
■ MySQL
■ Ruby on Rails