{
  "id": "bbg-p0341-application-security-application-security-authentication",
  "title": "SQL Injection Attack Patterns",
  "chapter": "application-security",
  "batch": "20",
  "rank": 195,
  "sourcePage": 341,
  "sourcePointer": "p. 341",
  "status": "accepted",
  "reviewerStatus": "reviewed",
  "fidelityScore": 0.9,
  "canvas": {
    "width": 960,
    "height": 640
  },
  "fireworksTechGraph": {
    "style": "style-1-flat-icon",
    "diagramType": "data-flow",
    "topologyNotes": [
      "source page render inspected",
      "extracted page text inspected",
      "source page render inspected",
      "preserve SQLi page structure: crafted input alters query behavior and exposes database data through direct, error, blind, or timing channels",
      "omit source branding, screenshots, exploit strings, and decorative warning artwork"
    ],
    "publicBoundary": [
      "original vector output",
      "no source pixels",
      "no source mark or long wording"
    ]
  },
  "callouts": [],
  "sourceReview": {
    "conceptAnchors": [
      "concept: crafted user input",
      "concept: unsafe SQL query",
      "concept: database access",
      "concept: tautology, union/error, blind, and timing variants",
      "concept: parameterized query mitigation"
    ],
    "labelSource": "curated",
    "semanticStatus": "reviewed"
  },
  "groups": [
    {
      "id": "entry",
      "label": "Attack entry",
      "x": 48,
      "y": 118,
      "w": 184,
      "h": 348
    },
    {
      "id": "query",
      "label": "Query execution",
      "x": 286,
      "y": 118,
      "w": 210,
      "h": 348
    },
    {
      "id": "variants",
      "label": "Observed SQLi variants",
      "x": 550,
      "y": 118,
      "w": 190,
      "h": 348
    },
    {
      "id": "defense",
      "label": "Controls",
      "x": 784,
      "y": 118,
      "w": 128,
      "h": 348
    }
  ],
  "shapes": [
    {
      "id": "attacker",
      "kind": "actor",
      "label": "Attacker",
      "detail": "crafted input",
      "x": 96,
      "y": 176,
      "w": 82,
      "h": 88,
      "tone": "red"
    },
    {
      "id": "form",
      "kind": "rect",
      "label": "Web input",
      "detail": "login / search",
      "x": 86,
      "y": 326,
      "w": 104,
      "h": 62,
      "tone": "blue"
    },
    {
      "id": "query",
      "kind": "rect",
      "label": "Unsafe query",
      "detail": "string build",
      "x": 338,
      "y": 164,
      "w": 116,
      "h": 64,
      "tone": "orange"
    },
    {
      "id": "database",
      "kind": "cylinder",
      "label": "Database",
      "detail": "records",
      "x": 338,
      "y": 330,
      "w": 116,
      "h": 82,
      "tone": "green"
    },
    {
      "id": "basic",
      "kind": "diamond",
      "label": "Tautology",
      "detail": "bypass",
      "x": 584,
      "y": 146,
      "w": 116,
      "h": 76,
      "tone": "red"
    },
    {
      "id": "union",
      "kind": "rect",
      "label": "Union / error",
      "detail": "direct leak",
      "x": 584,
      "y": 238,
      "w": 116,
      "h": 58,
      "tone": "purple"
    },
    {
      "id": "blind",
      "kind": "rect",
      "label": "Blind probe",
      "detail": "true / false",
      "x": 584,
      "y": 322,
      "w": 116,
      "h": 58,
      "tone": "teal"
    },
    {
      "id": "timing",
      "kind": "rect",
      "label": "Time delay",
      "detail": "side channel",
      "x": 584,
      "y": 402,
      "w": 116,
      "h": 58,
      "tone": "gray"
    },
    {
      "id": "param",
      "kind": "rect",
      "label": "Parameterized",
      "detail": "safe query",
      "x": 796,
      "y": 176,
      "w": 104,
      "h": 58,
      "tone": "green"
    },
    {
      "id": "least",
      "kind": "rect",
      "label": "Least privilege",
      "detail": "limit blast",
      "x": 796,
      "y": 344,
      "w": 104,
      "h": 58,
      "tone": "blue"
    }
  ],
  "connectors": [
    {
      "from": "attacker",
      "to": "form",
      "label": "input",
      "flow": "main"
    },
    {
      "from": "form",
      "to": "query",
      "label": "concatenate",
      "flow": "control"
    },
    {
      "from": "query",
      "to": "database",
      "label": "execute",
      "flow": "main"
    },
    {
      "from": "basic",
      "to": "query",
      "label": "bypass",
      "flow": "alt"
    },
    {
      "from": "union",
      "to": "database",
      "label": "extract",
      "flow": "alt"
    },
    {
      "from": "blind",
      "to": "database",
      "label": "infer",
      "flow": "data",
      "dashed": true
    },
    {
      "from": "timing",
      "to": "database",
      "label": "measure",
      "flow": "data",
      "dashed": true
    },
    {
      "from": "param",
      "to": "query",
      "label": "bind",
      "flow": "control"
    },
    {
      "from": "least",
      "to": "database",
      "label": "constrain",
      "flow": "control"
    }
  ]
}
