• ricecake@sh.itjust.works
    link
    fedilink
    arrow-up
    1
    ·
    9 months ago

    Oh sweet summer child.

    First, injection attacks are third on the owasp list, although they do roll xss into it too, which changed the name, since “shit sanitization on input” and “shit escaping before use” are the cause of both.
    https://owasp.org/Top10/A03_2021-Injection/

    Secondly, SQL injection is freakishly common and easy. I don’t know of any database libraries that prevent you from directly executing an SQL literal, they just encourage parameterized statements.

    I have personally run into plenty of systems where people build SQL via string concatenation because for whatever reason they can’t use an orm or “proper” SQL generator.

    You can find them in the wild fairly often by just tossing ' or 1=1;-- into fields in forms. If it gets mad in a way that doesn’t make sense or suddenly takes forever, you win!

    Don’t do that though, because it’s illegal.