How to Detect SQLI Attacks using C/C++

Threat actors can carry out SQL Injection (SQLI) attacks by entering malicious input into poorly validated login forms, search fields, and a variety of other entry points. Thankfully, using the ready-to-run code examples below, you can quickly detect and prevent attempted SQLI attacks from text input and avert disastrous outcomes like data loss and denial of service.

To structure your API call, start by installing Libcurl in your C/C++ project:

libcurl/7.75.0

After that, copy the below code to make your request, and provide a free-tier API key in the authorization header:

CURL *curl;
CURLcode res;
curl = curl_easy_init();
if(curl) {
     curl_easy_setopt(curl, CURLOPT_CUSTOMREQUEST, "POST");
     curl_easy_setopt(curl, CURLOPT_URL, "https://api.cloudmersive.com/security/threat-detection/content/sql-injection/detect/string");
     curl_easy_setopt(curl, CURLOPT_FOLLOWLOCATION, 1L);
     curl_easy_setopt(curl, CURLOPT_DEFAULT_PROTOCOL, "https");
     struct curl_slist *headers = NULL;
     headers = curl_slist_append(headers, "Content-Type: application/json");
     headers = curl_slist_append(headers, "Apikey: YOUR-API-KEY-HERE");
     curl_easy_setopt(curl, CURLOPT_HTTPHEADER, headers);
     const char *data = "\"<string>\"";
     curl_easy_setopt(curl, CURLOPT_POSTFIELDS, data);
     res = curl_easy_perform(curl);
}
curl_easy_cleanup(curl);

You can get an API key for free by registering a free account on the Cloudmersive website (this allows up to 800 API calls per month with no additional commitment).

When SQLI attacks are identified, you’ll receive a “ContainedSqlInjectionAttack”: true response.