Invoking Stored Procedures with Python
Make SQL Injection Vulnerabilities Harder to Exploit
Hello, World! In this tutorial, you will learn how to create stored procedures in MySQL and then how to invoke these stored procedures using Python. SQL injection is by far one of the most dangerous vulnerabilities that a web application can have and is in fact ranked as the number one vulnerability in the OWASP Top 10 list under the category of Injection. Many of the breaches and data dumps that you often hear about in the news were possible because of a SQL injection flaw that existed in an application. Let’s go ahead and start by setting up our MySQL database.
Note: to follow along with this article, you will need to install Docker because I will be using MySQL’s Docker container for creating the MySQL database.
Setting up a MySQL database with Docker
Run the following commands in your terminal to download the MySQL Docker image and run the container (there are only two commands below):
docker pull mysql
docker run --name mysql -p 3306:3306 -e MYSQL_ROOT_PASSWORD=[your_password] -d mysql:latest
After running the two commands above, run the following command to gain shell access to the MySQL container: