Your SlideShare is downloading. ×
0
Cyber crime an eye opener  144 te 2 t-7
Cyber crime an eye opener  144 te 2 t-7
Cyber crime an eye opener  144 te 2 t-7
Cyber crime an eye opener  144 te 2 t-7
Cyber crime an eye opener  144 te 2 t-7
Cyber crime an eye opener  144 te 2 t-7
Cyber crime an eye opener  144 te 2 t-7
Cyber crime an eye opener  144 te 2 t-7
Cyber crime an eye opener  144 te 2 t-7
Cyber crime an eye opener  144 te 2 t-7
Cyber crime an eye opener  144 te 2 t-7
Cyber crime an eye opener  144 te 2 t-7
Cyber crime an eye opener  144 te 2 t-7
Cyber crime an eye opener  144 te 2 t-7
Cyber crime an eye opener  144 te 2 t-7
Cyber crime an eye opener  144 te 2 t-7
Cyber crime an eye opener  144 te 2 t-7
Cyber crime an eye opener  144 te 2 t-7
Cyber crime an eye opener  144 te 2 t-7
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Cyber crime an eye opener 144 te 2 t-7

88

Published on

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
88
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
2
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. CYBER CRIME AN EYE OPENER – SQL INJECTION (SQLIA’S) Seminar Guide Prof.S A Shinde Gargee S Hiray TE 2 Roll no : 144
  • 2. SOME QUESTIONS ?  What are we so concerned about?  What are we trying to protect?  What an Ethical Hacker is and does ?
  • 3. WHAT ARE WE SO CONCERNED ABOUT?
  • 4. WHAT ARE WE TRYING TO PROTECT?
  • 5. WHAT AN HACKER IS AND DOES ?  Someone who seeks and exploits weaknesses in a computer system or computer network  Who makes innovative customizations or computer equipment.  Who combines excellence, playfulness and cleverness in performed activities
  • 6. TYPES OF HACKERS
  • 7. OVER VIEW What is SQL INJECTION ?  How common is it?  Can we hack website easily ?  How does it work ?  Finding SQL Injection .  Protecting against SQL Injection  Impact of SQL Injection.  SQL injection Conclusion. 
  • 8. WHAT IS SQL INJECTION?  SQL Injections are attacks by which an attacker alters the structure of the original SQL query by injecting SQL code in the input fields of the web form in order to gain unauthorized access to the database.
  • 9. HOW COMMON IS IT? It is probably the most common Website vulnerability today!  It is a flaw in "web application" development, it is not a DB or web server problem  More than 60 % of the websites are Hacked due to SQL Injection . 
  • 10. CAN WE HACK WEBSITE EASILY ?
  • 11. HOW DOES IT WORK ?
  • 12. FINDING SQL INJECTION 1. Submit a single quote as input ' If an error results, app is vulnerable. If no error, check for any output changes. 2. Submit two single quotes. Databases use ’’ to represent literal ’ If error disappears, app is vulnerable. 3. Try string or numeric operators.
  • 13. EXAMPLES ' or '1'='1' -- '  ' or '1'='1' ({ ‘  ' or '1'='1' /* ‘  ' or '1'=‘1 
  • 14. PROTECTING AGAINST SQL INJECTION strong design  correct input validation 
  • 15. IMPACT OF SQL INJECTION 1. 2. 3. 4. 5. Leakage of sensitive information. Reputation decline. Modification of sensitive information. Loss of control of db server. Data loss.
  • 16. SQL INJECTION CONCLUSION SQL injection is technique for exploiting applications that use relational databases as their back end.  Transform the innocent SQL calls to a malicious call  Cause unauthorized access, deletion of data, or theft of information 
  • 17. REFERENCES  SQL INJECTIONS – A HAZARD TO WEB APPLICATIONS By- Neha Singh and Ravindra Kumar Purwar Issue 6, June 2012.  SQL INJECTION ATTACKS DETECTION IN ADVERSARI AL ENVIRONMENTS BY K-CENTERS Issue 15-17 July, 2012 http://www.britannica.com/EBchecked/topic/130595 /cybercrime  http://www.acunetix.com/websitesecurity/sqlinjection/ 
  • 18. THANK YOU Any Query ?

×