This Spring Boot application demonstrates common SQL injection vulnerabilities and how they can be detected. The project uses JDK 21 and Maven.
This application contains deliberately vulnerable code to demonstrate SQL injection attacks. It includes:
- Direct string concatenation in JDBC queries
- Unsafe parameter usage in native JPA queries
- Endpoints that expose these vulnerabilities
In UserRepositoryImpl.java:
// VULNERABLE CODE: Direct string concatenation
String sql = "SELECT * FROM users WHERE username = '" + username + "'";This allows attacks like: ' OR '1'='1
- Start the application
- Use the H2 console at http://localhost:8080/h2-console to view the database
- Try SQL injection attacks on the following endpoints:
- GET
/api/users/find?username=admin' OR '1'='1
- GET
To fix these vulnerabilities:
- Use prepared statements with parameterized queries
- Validate and sanitize all user inputs
- Implement proper error handling to avoid exposing database details