ITM 820 Lecture Notes - Lecture 4: Sql Injection, Query Language, Database Server

It"s a table of data consisting of rows and columns. Each column holds a particular type of data and each row contains a specific value for each column. It enables the creation of multiple tables linked together by a unique identifier and uses a relational query language to access the database. Relational database elements: the basic building block is a relation, which is a flat table. It"s the sta(cid:374)da(cid:396)dized la(cid:374)guage to define schema, manipulate, and query data in a relational database: sql statements can be used to create tables, insert and delete data in tables, create views, and retrieve data with query statements. Sql injection attacks (sqli) example slide 14. It"s designed to exploit the nature of web application pages and sends malicious sql commands to the database server. Most common attack goal is bulk extraction of data: depending on the environment, sql injection can be exploited to modify or delete data, execute arbitrary os commands, or launch dos attacks.