4.9. Database SQL Injection

4.9.1. Prepare query

Query with SQL injection possibility:

SQL_QUERY = f"""

    SELECT id, username, email
    FROM users
    WHERE username='{username}' AND password='{password}'

"""

4.9.2. Get user input

username = input('Username: ')
# ' OR 1=1; DROP TABLE users --

password = input('Password: ')
# 123

4.9.3. Execute query

Exploited SQL injection, will Select all users and then Drop all data from table users:

print(query)
# SELECT id, username, email
# FROM users
# WHERE username='' OR 1=1; DROP TABLE users -- ' AND password='132'
../_images/sql-injection.jpg

Figure 4.1. SQL Injection