Phases of SQL Injection

Phases of SQL injection

1. Locating SQL injection vulnerabilities
2. Reverse engineering the vulnerable SQL query
3. Getting the results of arbitrary SQL queries
4. Enumeration of priviledges
5. Penetration of infrastructure

Adopted from Susan Young and Dave Aitel's book The Hacker's Handbook: The Strategy Behind Breaking into and Defending Networks