Introduction Recently I started to learn SQL injection, which is the first point ethical hackers should learn after learning the Computer Science basics such as Computer Network. I personally think it is a bit difficult for newbies to get started with SQL injection, and I don't dare to start when it comes to CTF questions, so here I will briefly talk about the points that newbies need to pay attention to. Text Principles When the web application passes SQL statements to the backend database for database operations. If the parameters entered by the user are not strictly filtered, the attacker can construct a special SQL statement, directly input it into the database engine for execution, and obtain or modify the data in the database. Therefore, the essence of the SQL injection vulnerability is to execute the data entered by the user as code. There are two key conditions for SQL injection: the user can control the input content; the web application brings the user input content into
A Rookie Hacker Learning Cyber Security