What is the primary goal of using SQL injection as an attack method?

The primary goal of using SQL injection as an attack method is to gain unauthorized access to data. SQL injection takes advantage of vulnerabilities in applications that interact with SQL databases. By injecting malicious SQL code into input fields, an attacker can manipulate the database's queries, allowing them to retrieve, modify, or delete sensitive information without proper authorization.

This method exploits weaknesses in the application's data handling, enabling attackers to bypass authentication mechanisms, extract hidden data, or manipulate database records. The focus of SQL injection is specifically on data and its unauthorized access, making it a potent threat in web application security.

While other options suggest different types of attacks or goals, they do not align with the core objective of SQL injection. For example, disrupting network services relates more to denial-of-service attacks, infecting systems with malware pertains to different attack vectors, and authenticating users without passwords misrepresents the fundamental intent of SQL injection, which is about data access rather than authentication bypass.