SQL Injection In ASP.Net

About SQL Injection

Many vulnerabilities allow hackers to steal data from organizations, and SQL injection is one of them. It is perhaps one of the most common application-layer attack techniques used today. When a web application is coded improperly, a hacker can inject SQL commands into it. Using those SQL commands, a hacker can steal your data, modify your details, or delete your data permanently.

In simple terms, SQL injection is a technique in which malicious users inject SQL commands into an SQL statement via webpage input, and this input can break the security of the web application.

Now let us see how SQL injection can be done in ASP.NET websites.

Let's take an example. Suppose you have a Login Table inside your database such as follows:

Create table Login  
(  
id int primary key,  
Name varchar(50),  
Email varchar(50),  
Password varchar(50)  
)  

And in this table you have some data such as the following.

Insert into Login values(1, 'Sourabh Somani', 'sourabh_somani2010@hotmail.com', 'password');  
Insert into Login values(2, 'Shaili Dashora', 'dashorashaili17@gmail.com', 'password');  
Insert into Login values(3, 'Divya Sharma', 'sharma.divya485@gmail.com', 'password');  
Insert into Login values(4, 'Swati Soni', 'swati_soni@gmail.com', 'password');  

Now I am creating a Login page using the following code with a Login Control.

<asp:login id="Login1" runat="server" onauthenticate="Login1_Authenticate" width="331px"  
    backcolor="#F7F6F3" bordercolor="#E6E2D8" borderpadding="4" borderstyle="Solid"  
    borderwidth="1px" font-names="Verdana" font-size="0.8em" forecolor="#333333"  
    height="139px">  
   <InstructionTextStyle Font-Italic="True" ForeColor="Black" />  
   <LoginButtonStyle BackColor="#FFFBFF" BorderColor="#CCCCCC" BorderStyle="Solid" BorderWidth="1px" Font-Names="Verdana" Font-Size="0.8em"       ForeColor="#284775" />  
   <TextBoxStyle Font-Size="0.8em" />  
   <TitleTextStyle BackColor="#5D7B9D" Font-Bold="True" Font-Size="0.9em" ForeColor="White" />  
</asp:login>  

Now double-click on the Login control and generate a Login1_Authenticate event handler.

protected void Login1_Authenticate(object sender, AuthenticateEventArgs e)   
{     
} 

Suppose you then write the handler as follows:

// Requires: using System.Data; using System.Data.SqlClient;
protected void Login1_Authenticate(object sender, AuthenticateEventArgs e)
{
    SqlConnection con = new SqlConnection(@"Data Source=.\sqlexpress;Initial Catalog=MyDb;Integrated Security=True");
    // Vulnerable: the user's input is concatenated directly into the SQL text.
    string qry = "select * from Login where Email='" + Login1.UserName + "' and Password='" + Login1.Password + "' ";
    SqlDataAdapter adpt = new SqlDataAdapter(qry, con);
    DataTable dt = new DataTable();
    // Fill opens and closes the connection itself.
    adpt.Fill(dt);
    if (dt.Rows.Count >= 1)
    {
        Response.Redirect("index.aspx");
    }
}

Here index.aspx is another page that will be shown after login.

Now press F5 to run this project. At run time we will see how SQL injection can be done.
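
For comparison, here is the same handler with the query parameterized, so that the login input is bound as data and cannot alter the SQL text. This is an added example, not code from the original article; the class name LoginPage and the ConnStr constant are assumptions.

```csharp
using System.Data;
using System.Data.SqlClient;
using System.Web.UI.WebControls;

// Hypothetical code-behind class; Login1 is the control declared in the markup above.
public partial class LoginPage : System.Web.UI.Page
{
    // Assumed constant holding the connection string used on the page.
    private const string ConnStr =
        @"Data Source=.\sqlexpress;Initial Catalog=MyDb;Integrated Security=True";

    protected void Login1_Authenticate(object sender, AuthenticateEventArgs e)
    {
        // Reject input longer than the varchar(50) columns instead of letting
        // the parameter size silently truncate it before the comparison.
        if (Login1.UserName.Length > 50 || Login1.Password.Length > 50)
        {
            return;
        }

        // The SQL text is a constant: user input never becomes part of it.
        // The schema is kept as on the page (plaintext Password column),
        // so only the way the query is built changes.
        const string qry =
            "select count(*) from Login where Email = @Email and Password = @Password";

        int matches;
        using (SqlConnection con = new SqlConnection(ConnStr))
        using (SqlCommand cmd = new SqlCommand(qry, con))
        {
            // Typed parameters matching the column definitions. A quote or
            // comment marker in the input is compared as a value only.
            cmd.Parameters.Add("@Email", SqlDbType.VarChar, 50).Value = Login1.UserName;
            cmd.Parameters.Add("@Password", SqlDbType.VarChar, 50).Value = Login1.Password;

            con.Open();
            matches = (int)cmd.ExecuteScalar();
        }

        // Same success condition as the original handler.
        if (matches >= 1)
        {
            Response.Redirect("index.aspx");
        }
    }
}
```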


Sourabh Somani
He is Microsoft MVP & C# Corner MVP. His core competencies include Mobile and web applications development using .NET, Python, Node.js, C#, JavaScript, jQuery, SQL Server, NoSQL, MongoDB, and Angular.
Chittorgarh, Rajasthan, India