SQL Injection Attacks
Table of Contents
• Database
• SQL
• RDBMS
• Uses of SQL
• Applications of SQL
• SQL Commands
• SQL Injection
• SQL Injection’s Categories
• SQL Injection Attack’s Impact
• Examples of SQL Injection
DATABASE
• A database is an organized collection of structured information or data, typically stored electronically. A database is usually controlled by a database management system (DBMS). The data, the DBMS and the associated applications together are known as the database system. In most databases the data is modelled so that it is easy to process and efficient to query.
• The data in a database can be accessed, managed, modified, updated, controlled and organized easily and efficiently. Most databases use SQL (Structured Query Language) for writing and querying data.
• To digress, the data of websites is stored on the web servers of web hosting companies. The best web hosts are often referred to as the “Best Windows Hosting Company”, the “Best Linux Hosting Company” or the “Top Cloud Hosting Company”.
SQL
• SQL is the abbreviation for Structured Query Language. Almost all relational databases use the programming language SQL for querying, manipulating and defining data, and for providing access control. Although SQL is an ANSI/ISO standard, there are various versions of the language.
RDBMS
• RDBMS is the abbreviation for Relational Database Management System. It is a database in which data is stored in tables, so that the data can be used in relation to other stored datasets. Most of the databases used by businesses are relational databases. RDBMS serves as the basis for SQL as well as for all modern database systems.
Uses of SQL
• The uses of SQL are listed below. They show the operations that can be performed on a database.
  • A new database can be created with SQL
  • New data can be inserted into the database
  • Existing data can be modified or updated
  • Data can be retrieved from the database
  • Data can be deleted
  • A new table can be created in a database, and it can be dropped as well
  • Permissions can be set for tables, procedures and views
  • Functions, views and stored procedures can be created
Applications of SQL
A few of the applications of SQL are mentioned below.
SQL functions as a Data Definition Language (DDL), so it can be used to create a database independently and to define its structure. It is a Data Control Language (DCL), used to determine how a database is protected against corruption and misuse.
SQL acts as a Data Manipulation Language (DML), which is used to maintain an existing database.
It is widely used as a client/server language, and it can be used within the three-tier design that characterizes Internet architecture.
SQL Commands
• SQL commands can be divided into 3 categories according to the work they do. These are listed below.
  • Data Definition Language (DDL): DDL has three parts, which are create, alter and drop. Create is used to create a new object in a database. Alter is used to modify objects in a database. Drop is used to delete an object.
  • Data Manipulation Language (DML): DML has 4 parts, which are select, insert, update and delete. Select is used to retrieve one or more records. Insert is used to enter a new record. Update is used to modify a record. Delete is used to delete a record.
  • Data Control Language (DCL): DCL has 2 parts, which are grant and revoke. Grant gives permission to users. Revoke is used to deny permission.
SQL Injection
• SQL injection is a code injection technique in which malicious code is inserted into SQL statements through web page input. It is used to attack data-driven applications by inserting malicious SQL statements into an entry field for execution, and it is frequently used as a web hacking technique. Arbitrary SQL commands are inserted into the queries that a web application makes to its database.
• SQL injection exploits a security vulnerability in an application's software. It is known as an attack vector for websites, but it can be used to attack any type of SQL database. With SQL injection, attackers can spoof identity and tamper with existing data. It can also be used to cause repudiation issues.
SQL Injection’s Categories
• There are 3 major categories of SQL injection, which are listed below.
  • In-band SQLi: an attacker uses a single communication channel both to launch the attack and to gather the results.
  • Inferential SQLi: an attacker can reconstruct the database structure by sending payloads and observing the response of the web application and the resulting behavior of the database server.
  • Out-of-band SQLi: this occurs when an attacker is unable to use the same channel for launching the attack and gathering the results.
SQL Injection Attack’s Impact
• A successful SQL injection attack leads to the following:
  • Unauthorized access to sensitive data
  • Damage to reputation
  • Regulatory fines
Examples of SQL Injection
• The most common examples of SQL injection are listed below.
  • Retrieving hidden data: an SQL query is modified to return additional results.
  • Subverting application logic: a query is changed to interfere with the application's logic.
  • UNION attacks: data is retrieved from various database tables.
  • Examining the database: information about the version and structure of a database is extracted.
  • Blind SQL injection: the results of the query that is being controlled are not returned in the application's responses.
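The mechanism from the "SQL Injection" slide and the first two cases in this list (retrieving hidden data, subverting application logic), shown as the vulnerable pattern beside its parameterized fix. This is an added example, not part of the original slides; the table names, column names, rows and input strings are constructed for illustration, and SQLite stands in for whatever database the application uses.

```python
import sqlite3


def make_db():
    """In-memory database filled with constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE products (name TEXT, category TEXT, released INTEGER);
        INSERT INTO products VALUES
            ('Mug', 'Gifts', 1),
            ('Card', 'Gifts', 1),
            ('Prototype lamp', 'Gifts', 0),
            ('Puzzle', 'Kids'' toys', 1);
        CREATE TABLE users (username TEXT, password_hash TEXT);
        INSERT INTO users VALUES ('alice', 'hash-a'), ('admin', 'hash-b');
    """)
    return conn


def products_vulnerable(conn, category):
    # VULNERABLE: the input becomes part of the SQL text, so a quote in it
    # ends the string literal and the rest is parsed as SQL.
    query = ("SELECT name FROM products "
             f"WHERE category = '{category}' AND released = 1")
    return sorted(row[0] for row in conn.execute(query))


def products_safe(conn, category):
    # FIXED: the statement text is constant; the value is bound separately
    # and can only ever be compared as data.
    query = "SELECT name FROM products WHERE category = ? AND released = 1"
    return sorted(row[0] for row in conn.execute(query, (category,)))


def login_vulnerable(conn, username, password_hash):
    # VULNERABLE: same concatenation bug in an authentication check.
    query = ("SELECT 1 FROM users "
             f"WHERE username = '{username}' "
             f"AND password_hash = '{password_hash}'")
    return conn.execute(query).fetchone() is not None


def login_safe(conn, username, password_hash):
    query = "SELECT 1 FROM users WHERE username = ? AND password_hash = ?"
    return conn.execute(query, (username, password_hash)).fetchone() is not None


if __name__ == "__main__":
    db = make_db()
    # Retrieving hidden data: the comment marker cuts off "AND released = 1".
    print(products_vulnerable(db, "Gifts'--"))
    print(products_safe(db, "Gifts'--"))
    # Subverting application logic: the password condition is commented out.
    print(login_vulnerable(db, "admin'--", "wrong"))
    print(login_safe(db, "admin'--", "wrong"))
    # Benign input with an apostrophe works only in the parameterized form.
    print(products_safe(db, "Kids' toys"))
    try:
        products_vulnerable(db, "Kids' toys")
    except sqlite3.OperationalError as exc:
        print("concatenated query failed:", exc)
```

The last case is a useful review signal: a query that breaks on an ordinary apostrophe is being assembled from input, which is the same defect the injection cases rely on.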
Thanks!
ANY QUESTIONS?
You can find me at:
www.htshosting.org
support@htshosting.org
