2. What is an SQL Injection?
• Who is vulnerable?
• Why you should care
• What can you do about it?
3. What threats do SQL injections pose?
• Subversion
• Masquerade
• Disclosure
• Forgery
• Denial of Service
4. How do SQL injections work?
• The attacker "injects" SQL syntax where the program expects a plain string or text value
• The program pastes that input into a query, and the database executes the attacker's command as part of it
• The attacker can steal information from the database or masquerade as a user or admin
5. How are SQL injections executed?
• Using OR logic to add an always-true condition
• Boolean conditions that change what the WHERE clause matches
• Using ticks ('), semicolons (;) and comment sequences (#, --): the tick closes the string the program opened, the semicolon starts a second statement, and the comment sequence discards the rest of the original query (# is MySQL-only; -- works in most databases, and in MySQL it must be followed by a space)
• Examples: ' OR 1=1 #
• '; UPDATE credentials SET password = '12345' WHERE user = 'Alice' # (a stacked query; it only works when the driver allows more than one statement per call)
6. Where to inject your code?
• SQL injections typically arrive through HTTP requests
• GET and POST requests (query string, form fields, and any other request data the application copies into a query)
• URL bar
• Command line (any interface whose arguments end up in a query)
7. How are SQL injections detected?
• SQL Server Audit: record the statements actually executed against the database, so an injected query shows up in the audit log
• Data Manipulation Language (DML) audit actions: SELECT, INSERT, UPDATE, DELETE
• Data Definition Language (DDL) audit actions: CREATE, ALTER, DROP
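The audit log only helps if someone reviews it. The following is an added example, not part of the original deck, of triage logic run over audited statements: it flags the three techniques from slide 5 (an always-true OR condition, a comment sequence, a semicolon starting a second statement). The sample rows are constructed for the example and only imitate the statement text an audit would record; the indicator names and regular expressions are this example's own choices.

```python
import re

# Constructed sample rows, modelled on the statement text that a database
# audit records for DML and DDL events. They are not real audit output.
SAMPLE_AUDIT_STATEMENTS = [
    "SELECT user FROM credentials WHERE user = 'alice' AND password = 'hunter2'",
    "SELECT user FROM credentials WHERE user = '' OR 1=1 #' AND password = ''",
    "SELECT user FROM credentials WHERE user = ''; UPDATE credentials "
    "SET password = '12345' WHERE user = 'Alice' --' AND password = 'x'",
    "UPDATE credentials SET password = 'n3w' WHERE user = 'carol'",
    "SELECT id FROM accounts WHERE id = 7 OR 'a'='a'",
]

# Each indicator corresponds to one technique from the deck: an always-true
# OR condition (numeric or string tautology), a comment sequence that throws
# away the rest of the query, or a semicolon that starts a stacked statement.
INDICATORS = [
    ("tautology",
     re.compile(r"\bOR\s+(\d+)\s*=\s*\1\b|\bOR\s+'([^']*)'\s*=\s*'\2'", re.I)),
    ("comment sequence", re.compile(r"--|#")),
    ("stacked statement",
     re.compile(r";\s*(?:UPDATE|DELETE|INSERT|DROP|ALTER|CREATE)\b", re.I)),
]


def classify(statement):
    """Return the names of every indicator that fires on one audited statement."""
    return [name for name, rx in INDICATORS if rx.search(statement)]


def suspicious(statements):
    """Return (statement, indicators) for each statement with at least one hit.

    This is triage, not proof: '--' inside a legitimate string literal or a
    '#temp' table name will also fire, so confirm hits against the
    application's own request logs before acting on them.
    """
    hits = []
    for statement in statements:
        found = classify(statement)
        if found:
            hits.append((statement, found))
    return hits


if __name__ == "__main__":
    for statement, found in suspicious(SAMPLE_AUDIT_STATEMENTS):
        print(", ".join(found), "->", statement)
```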
8. How to prevent SQL injection
• Prepared statements (parameterized queries): the query text and the data travel separately, so input is never parsed as SQL
• Validate input data (allowlist the expected format; this is a second layer, not a substitute for parameters)
• Object Relational Mapping (ORMs parameterize by default, but their raw-query escape hatches can still be concatenated unsafely)
• Managing escape characters (database-specific escaping is easy to get wrong; prefer parameters)
• DO NOT concatenate strings!
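To tie slides 4, 5 and 8 together, here is an added example (not code from the original deck) of a login check written the vulnerable way beside the hardened version, using Python's built-in sqlite3 module and an in-memory stand-in for the deck's credentials table. SQLite has no # comment, so the payloads use --, which is the equivalent the deck lists; the table contents, the valid_username policy, and the function names are this example's own assumptions.

```python
import sqlite3


def make_db():
    """Constructed in-memory database standing in for the deck's credentials table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE credentials (user TEXT PRIMARY KEY, password TEXT)")
    conn.executemany("INSERT INTO credentials VALUES (?, ?)",
                     [("Alice", "s3cret"), ("Bob", "hunter2")])
    conn.commit()
    return conn


def build_concatenated_query(user, password):
    """The anti-pattern from slide 8: user input is pasted into the SQL text."""
    return ("SELECT user FROM credentials WHERE user = '" + user +
            "' AND password = '" + password + "'")


def login_vulnerable(conn, user, password):
    """Returns the matched users and the query actually sent to the database."""
    query = build_concatenated_query(user, password)
    rows = conn.execute(query).fetchall()
    return [r[0] for r in rows], query


def login_vulnerable_multistatement(conn, user, password):
    """Same concatenation, but run through executescript(), which accepts
    several statements per call (as a MySQL connection with multi-statements
    enabled does). sqlite3's execute() refuses stacked statements, which is
    why the plain login_vulnerable() above cannot run the UPDATE payload."""
    conn.executescript(build_concatenated_query(user, password))


def login_safe(conn, user, password):
    """Prepared statement: the driver sends the query text and the values
    separately, so the database never parses the input as SQL. A tick in the
    input is just a character, so O'Brien works and ' OR 1=1 -- does not."""
    rows = conn.execute(
        "SELECT user FROM credentials WHERE user = ? AND password = ?",
        (user, password)).fetchall()
    return [r[0] for r in rows]


def valid_username(user):
    """Allowlist validation as a second layer (assumed policy: 1-32 alphanumerics)."""
    return user.isalnum() and 1 <= len(user) <= 32


if __name__ == "__main__":
    conn = make_db()
    bypass = "' OR 1=1 --"
    users, query = login_vulnerable(conn, bypass, "x")
    print("concatenated query:", query)
    print("vulnerable login matched:", users)          # every user
    print("safe login matched:", login_safe(conn, bypass, "x"))  # nothing
    try:
        login_vulnerable(conn, "O'Brien", "x")
    except sqlite3.OperationalError as exc:
        print("legitimate apostrophe breaks the vulnerable query:", exc)
    print("safe login handles O'Brien:", login_safe(conn, "O'Brien", "x"))
    stacked = "'; UPDATE credentials SET password = '12345' WHERE user = 'Alice' --"
    login_vulnerable_multistatement(conn, stacked, "x")
    print("Alice's password after stacked query:",
          login_safe(conn, "Alice", "12345"))            # ['Alice']
    print("payload passes validation?", valid_username(bypass))
```

The printed concatenated query is the one shown on slide 5: the tick closes the string, OR 1=1 makes the condition always true, and the comment sequence discards the password check. The hardened function compares the whole payload as a literal username and finds nothing.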