AGENDAWhat is SQLWHAT is SQL injectionSQL Injection Attack TypesPrevention of SQL Injection Attack                    ...
WHAT IS SQL?SQL is a special-purpose programming language designed for managing data held in a relational database manage...
What is SQL injection?A class of code-injection attacks, in which data provided by the user is included in an SQL query i...
Example of SQL injection                           5
TYPES OF SQL ATTACKS1)First Order Attack:-The attacker can simply enter a malicious string and cause the modified code to...
Injection MechanismInjection through user input                                      First-orderInjection through cookie...
Injection MechanismFirst-order injection             Second-order injection The application processes       • The applica...
Attack IntentDetermining database schemaExtracting dataAdding or modifying dataBypassing authentication               ...
InferenceInject commands into the site and then observe how the function/response of the website changes  Blind injectio...
Blind SQL injectionThe information must be inferred from the behavior of the page by asking the server true/false questio...
Timing AttacksGain information by observing timing delays in the response of the database                                ...
Alternate EncodingEmploy alternate methods of encoding attack stringsSELECT accounts FROM usersWHERE login = ‘doe’; exec(...
Prevention of SQLIAsThe root cause of SQL injection vulnerabilities is insufficient input validationSolution:  Defensiv...
REFERENCESwww.wikipedia.comwww.google.comdownload.oracle.com
QUERIES
Sql injection
16,672 views

Published in: Education

  1. AGENDA: What is SQL; What is SQL injection; SQL injection attack types; Prevention of SQL injection attack.
  2. WHAT IS SQL? SQL is a special-purpose programming language designed for managing data held in a relational database management system (RDBMS). The scope of SQL includes data insert, query, update and delete, schema creation and modification, and data access control.
  3. What is SQL injection? A class of code-injection attacks in which data provided by the user is included in an SQL query in such a way that part of the user's input is treated as SQL code. SQL injection is a technique to maliciously exploit applications that use client-supplied data in SQL statements. Attackers trick the SQL engine into executing unintended commands by supplying specially crafted string input, thereby gaining unauthorized access to a database in order to view or manipulate restricted data. SQL injection techniques may differ, but they all exploit a single vulnerability in the application: incorrectly validated or non-validated string literals are concatenated into a dynamic SQL statement and interpreted as code by the SQL engine.
  4. Example of SQL injection
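As an added example (not one of the deck's slides), here is the concatenation pattern slide 3 describes beside the parameterised form that slide 13 calls defensive coding, run against an in-memory SQLite table constructed for the demo. The table, the user row and the function names are assumptions made here.

```python
import sqlite3

def make_db():
    # Constructed schema and row for the demo; not from the slides.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (login TEXT, pass TEXT)")
    conn.execute("INSERT INTO users VALUES ('doe', 's3cret')")
    return conn

def login_vulnerable(conn, login, pw):
    # The input is spliced into the statement text, so a quote in the
    # input closes the literal and the remainder is parsed as SQL. This is
    # the first-order case: the injected SQL runs on this very request.
    sql = ("SELECT login FROM users WHERE login = '" + login
           + "' AND pass = '" + pw + "'")
    return conn.execute(sql).fetchone() is not None

def login_safe(conn, login, pw):
    # Placeholders keep the statement text fixed; the driver binds the
    # values as data, so they can never alter the query structure.
    sql = "SELECT login FROM users WHERE login = ? AND pass = ?"
    return conn.execute(sql, (login, pw)).fetchone() is not None

def demo():
    conn = make_db()
    tautology = "' OR '1'='1"   # textbook authentication-bypass input
    return {
        "vuln_valid": login_vulnerable(conn, "doe", "s3cret"),
        "vuln_bypass": login_vulnerable(conn, "doe", tautology),
        "safe_valid": login_safe(conn, "doe", "s3cret"),
        "safe_bypass": login_safe(conn, "doe", tautology),
    }

if __name__ == "__main__":
    for name, ok in demo().items():
        print(name, ok)
```

The vulnerable check accepts the tautology because the executed statement becomes `... AND pass = '' OR '1'='1'`; the bound version compares the whole string as a password and rejects it.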
  5. TYPES OF SQL ATTACKS. 1) First-order attack: the attacker can simply enter a malicious string and cause the modified code to be executed immediately. 2) Second-order attack: the attacker injects into persistent storage (such as a table row), which is deemed a trusted source; the attack is subsequently executed by another activity. 3) Lateral injection: the attacker can manipulate the implicit function To_Char() by changing the values of the environment variables NLS_Date_Format or NLS_Numeric_Characters.
  6. Injection mechanism: injection through user input, injection through cookies and injection through server variables (first-order injection); second-order injection.
  7. Injection mechanism. First-order injection: the application processes the input, causing the attacker's injected SQL query to execute. Second-order injection: the application stores the input for future use (usually in the database) and responds to the request; the attacker submits a second (different) request; to handle the second request, the application retrieves the stored input and processes it, causing the attacker's injected SQL query to execute.
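Added example, not from the deck, of the second-order flow on slide 7: the first request stores the input with a bound parameter and nothing runs, then the second request reads the stored value back and concatenates it, at which point the stored quote and comment characters become SQL. The SQLite table, the `admin'--` login and the function names are constructed for the demo.

```python
import sqlite3

def make_db():
    # Constructed schema with a pre-existing privileged account.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (login TEXT, pass TEXT)")
    conn.execute("INSERT INTO users VALUES ('admin', 'adminpw')")
    return conn

def register(conn, login, pw):
    # First request: stored safely via a bound parameter. The value now
    # sits in the database, where later code tends to treat it as trusted.
    conn.execute("INSERT INTO users VALUES (?, ?)", (login, pw))

def change_password_vulnerable(conn, login, old_pw, new_pw):
    # Second request: the login came from the database, not the request,
    # but it is still attacker-controlled and is concatenated here.
    sql = ("UPDATE users SET pass = '" + new_pw + "' WHERE login = '"
           + login + "' AND pass = '" + old_pw + "'")
    conn.execute(sql)

def change_password_safe(conn, login, old_pw, new_pw):
    # Every query binds its values, whatever their origin.
    conn.execute("UPDATE users SET pass = ? WHERE login = ? AND pass = ?",
                 (new_pw, login, old_pw))

def password_of(conn, login):
    row = conn.execute("SELECT pass FROM users WHERE login = ?", (login,))
    return row.fetchone()[0]

def demo(safe):
    conn = make_db()
    register(conn, "admin'--", "anything")
    # Simulates a session lookup: the login is read back from the database.
    stored = conn.execute("SELECT login FROM users WHERE login = ?",
                          ("admin'--",)).fetchone()[0]
    fn = change_password_safe if safe else change_password_vulnerable
    fn(conn, stored, "anything", "pwned")
    return password_of(conn, "admin")   # whose password did we change?

if __name__ == "__main__":
    print("vulnerable:", demo(safe=False))   # pwned
    print("safe      :", demo(safe=True))    # adminpw
```

In the vulnerable path the statement becomes `UPDATE users SET pass = 'pwned' WHERE login = 'admin'--' AND pass = 'anything'`; SQLite treats everything after `--` as a comment, so the admin row is updated without its password being checked.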
  8. Attack intent: determining database schema; extracting data; adding or modifying data; bypassing authentication.
  9. Inference: inject commands into the site and then observe how the function/response of the website changes. Blind injection; timing attacks.
  10. Blind SQL injection: the information must be inferred from the behavior of the page by asking the server true/false questions.
  11. Timing attacks: gain information by observing timing delays in the response of the database.
  12. Alternate encoding: employ alternate methods of encoding attack strings. SELECT accounts FROM users WHERE login = 'doe'; exec(char(0x73697574646f776e)) --' AND pass = '' AND pin =
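Added example (not part of the slides) of why the alternate encoding on slide 12 defeats filters that match raw keywords: a normaliser that decodes char(0x...) sequences before matching, compared with the same match on the raw input. The regex, the keyword list and the sample string are constructed here; such matching is only a detection aid, and the bound-parameter query remains the fix.

```python
import re

# Matches a char(0x...) call; constructed pattern for this demo.
CHAR_HEX = re.compile(r"char\(\s*0x([0-9a-fA-F]+)\s*\)", re.IGNORECASE)
# Constructed keyword list; a real filter would be wider and still incomplete.
SUSPICIOUS = ("exec", "shutdown", "drop", "xp_cmdshell")

def normalise(s):
    """Replace every char(0xHH..) call by the text it encodes, so that
    keyword matching sees the string the SQL engine would act on."""
    def decode(m):
        h = m.group(1)
        if len(h) % 2:            # odd nibble count: pad the leading byte
            h = "0" + h
        return bytes.fromhex(h).decode("latin-1")
    return CHAR_HEX.sub(decode, s)

def naive_tokens(s):
    # Keyword match on the raw input: blind to anything inside char(0x...).
    return [t for t in SUSPICIOUS if t in s.lower()]

def flagged_tokens(s):
    # The same match after the alternate encoding has been decoded.
    return [t for t in SUSPICIOUS if t in normalise(s).lower()]

# Constructed input in the shape of slide 12's string; 0x73687574646f776e
# is the hex of the ASCII word "shutdown".
SAMPLE = "doe'; exec(char(0x73687574646f776e)) --"

if __name__ == "__main__":
    print("raw    :", naive_tokens(SAMPLE))     # ['exec']
    print("decoded:", flagged_tokens(SAMPLE))   # ['exec', 'shutdown']
```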
  13. Prevention of SQLIAs: the root cause of SQL injection vulnerabilities is insufficient input validation. Solution: defensive coding practices; detection and prevention techniques.
  14. REFERENCES: www.wikipedia.com, www.google.com, download.oracle.com
  15. QUERIES