Dave Krunal

Cybersecurity | Filmmaking | Perspective

Cyber Sketches

SQL Injection: Input Validation

Part 3 (final) – Input validation as a defence against SQL injection attacks.

Check out the first two cyber sketches on the intro and how the attack works.

The SQL injection attack relies on malicious input. The simplest and best approach is to restrict the input's type, format, and length.

For example, we can limit the birthdate field in a web form to six numeric digits. This prevents attackers from injecting a long malicious SQL query.

The other way to look at it is as predefined shapes. If we want to capture only triangles, squares and circles, it doesn't make sense to provide options for all other forms such as stars, ellipses and cylinders.
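The two ideas above (a six-digit birthdate field and a fixed set of allowed shapes) can be enforced on the server as in the following sketch. This is an added example, not code from the original post; the function names, the DDMMYY reading of the six digits and the sample inputs are assumptions made for illustration.

```python
import re
from datetime import datetime

# Assumption: the six digits mean DDMMYY; the post only says "six numeric" characters.
BIRTHDATE_RE = re.compile(r"[0-9]{6}")  # ASCII digits only, exactly six
ALLOWED_SHAPES = frozenset({"triangle", "square", "circle"})  # shapes named in the post


class ValidationError(ValueError):
    """Raised when a form field fails its allowlist check."""


def validate_birthdate(raw):
    """Return a date for a six-digit DDMMYY string, or raise ValidationError."""
    if not isinstance(raw, str):                        # type
        raise ValidationError("birthdate must be a string")
    if len(raw) != 6:                                   # length
        raise ValidationError("birthdate must be exactly 6 characters")
    if not BIRTHDATE_RE.fullmatch(raw):                 # format
        raise ValidationError("birthdate must contain only digits 0-9")
    try:
        return datetime.strptime(raw, "%d%m%y").date()  # must be a real date
    except ValueError:
        raise ValidationError("birthdate is not a valid calendar date") from None


def validate_shape(raw):
    """Accept only the predefined options; everything else is rejected."""
    if not isinstance(raw, str) or raw not in ALLOWED_SHAPES:
        raise ValidationError("shape is not one of the allowed options")
    return raw


def check(validator, raw):
    """Return (True, value) or (False, reason) instead of raising."""
    try:
        return True, validator(raw)
    except ValidationError as exc:
        return False, str(exc)


if __name__ == "__main__":
    # Constructed sample inputs: valid, too long, right length but wrong
    # format, and six digits that are not a real date.
    for raw in ["290224", "010190' OR '1'='1", "1 OR 1", "310299"]:
        print(repr(raw), check(validate_birthdate, raw))
    for raw in ["circle", "star"]:
        print(repr(raw), check(validate_shape, raw))
```

The `1 OR 1` sample is exactly six characters long, so it passes the length check and is stopped only by the format check, which is why type, format and length are checked together.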

 
