The document discusses various methods for preventing SQL injection attacks, including input validation, using static query statements, and least privilege approaches. It provides detailed explanations and examples of how to properly implement input validation, including escaping special characters, validating numeric fields, and preventing second-order SQL injection. The document also cautions that approaches like parameterized statements and stored procedures do not automatically prevent SQL injection and can still be vulnerable if not implemented correctly.
SQL Injection: complete walkthrough (not only) for PHP developers (Krzysztof Kotowicz)
Learn what is SQL injection, how to use prepared statements, how to escape and write secure stored procedures. Many PHP projects are covered - PDO, Propel, Doctrine, Zend Framework and MDB2. Multiple gotchas included.
The most massive crime of identity theft in history was perpetrated in 2007 by exploiting an SQL Injection vulnerability. This issue is one of the most common and most serious threats to web application security. In this presentation, you'll see some common myths busted and you'll get a better understanding of defending against SQL injection.
Garage4Hackers Ranchoddas Webcast Series - Bypassing Modern WAF's Exemplified... (Garage4hackers.com)
Presentation slides of Garage4Hackers Ranchoddas Webcast Series - Bypassing Modern WAF's Exemplified At XSS by Rafay Baloch. Ask all your questions related to the webcast here http://goo.gl/Vv10hJ. Don't forget to leave your feedback here https://goo.gl/YrBeic.
• What is SQL injection?
• Why is it harmful?
• Types of SQL injection attacks.
• How to identify SQL injection vulnerability.
• Exploiting SQL injection.
• How to protect Web Application from SQL injection.
Web application security is the process of securing confidential data stored online from unauthorized access and modification. This is accomplished by enforcing stringent policy measures.
A web threat is any threat that uses the World Wide Web to facilitate cybercrime. Web threats use multiple types of malware and fraud, all of which utilize the HTTP or HTTPS protocols, but may also employ other protocols and components, such as links in email or IM, malware attachments, or malware on servers that access the Web.
SQL injection is a code injection technique, used to attack data-driven applications, in which malicious SQL statements are inserted into an entry field for execution. This is a method to attack web applications that have a data repository. The attacker would send a specially crafted SQL statement that is designed to cause some malicious action. SQL injection is an attack technique that exploits a security vulnerability occurring in the database layer of an application and a service. This is most often found within web pages with dynamic content.
This presentation is from Null/OWASP/G4H November Bangalore MeetUp 2014.
technology.inmobi.com/events/null-owasp-g4h-november-meetup
Talk Outline:-
A) Reflective-(Non-Persistent Cross-site Scripting)
- What is Reflective Cross-site scripting.
- Testing for Reflected Cross site scripting
How to Test
- Black Box testing
- Bypass XSS filters
- Gray Box testing
Tools
Defending Against Reflective Cross-site scripting.
Examples of Reflective Cross-Site Scripting Attacks.
B) Stored -(Persistent Cross-site Scripting)
What is Stored Cross-site scripting.
How to Test
- Black Box testing
- Gray Box testing
Tools
Defending Against Stored Cross-site scripting.
Examples of Stored Cross-Site Scripting Attacks.
SQL injection is a code injection technique, used to attack data-driven applications, in which malicious SQL statements are inserted into an entry field for execution (e.g. to dump the database contents to the attacker).
The presentation has a quick preamble on SQL injection definition, sqlmap and its key features.
I will then illustrate in detail common and uncommon problems and respective solutions with examples that a penetration tester faces when he wants to take advantage of any kind of web application SQL injection flaw on real world web applications, for instance SQL injection in ORDER BY and LIMIT clauses, single entry UNION query SQL injection, specific web application technologies IDS bypasses and more.
These slides have been presented at the 2nd Digital Security Forum in Lisbon on June 27, 2009.
Updated version of http://www.slideshare.net/inquis/sql-injection-not-only-and-11.
Introduction to APIs & how to automate APIs testing with selenium web driver? (BugRaptors)
BugRaptors expertise in using selenium IDE, Selenium WebDriver. For web and mobile applications we work with selenium webdriver by using different frameworks. We extensively use selenium IDE and web driver to automate all types of projects from small to large complex projects.
Top 5 Javascript Frameworks for Web and Mobile App Development (Ajeet Singh)
Why Frontend JavaScript Frameworks?
The process of web app development starts with the idea of how the app will look on screen. So far so good. Next, these images are HTMLised by a frontend designer, which is then converted by the developer into a fully working web page. But hey! Here is the catch.
Hence came the need to standardize the web app designing so that the backend workflow injection part can be easily coded. And going by the example of HTML and CSS frameworks such as Bootstrap and Foundation, coders created JavaScript frontend frameworks to formulate web apps.
Complete JS Frameworks
There are many so-called JavaScript frameworks in the market, but in reality not all are complete frameworks. That means that not every framework out there can be used to create every aspect of an app. Most of them can be categorized as a set of tools that can make your coding easier, but you may have to rely on other tools as well to get the job done.
AngularJS
This is the framework that works on the concept of two-way data binding, and this was the framework that revolutionized the concept of model view controller architecture in web apps. Also, this is a comprehensive framework and reduces the need to introduce other JS libraries into the development process.
EmberJS
EmberJS is the framework for those who focus on conventions rather than configurations. EmberJS has a very robust routing framework and thus is a good candidate to go with when you have complex nested routes and templates within a page.
CanJS
CanJS is a relatively new framework, so it lacks in terms of popularity. But we were greatly impressed by its ease-of-use and flexibility in our projects, so I thought it's prudent to include it in the list. CanJS also ranks higher than the other three in terms of performance, especially when you have to render lots of view bindings.
JavaScript toolkits that can work as frameworks
KnockoutJS
KnockoutJS is a very popular toolkit among JS web app designers. It’s very lightweight, has every basic view rendering feature an app would need and it’s a perfect tool for those app projects for which you may have to develop your own framework.
BackBoneJS
BackboneJS is awesome if you want to define your own templating or use jQuery-like event binding. However, the toolkit is only for advanced developers and it has a steep learning curve. BackboneJS is good at handling requests, module loading and request routing.
Conclusion
AngularJS is the only stand-alone framework that does not need the help of any other library to work, and it is also the largest frontend JS framework out there. Ember and CanJS need support from additional libraries but are great in their own ways. BackboneJS and KnockoutJS are awesome for small app development projects, or for those large app development projects in which you may have to build your own framework.
'Software Automation Testing Secrets Revealed' book written by Narayanan Palani and available across Amazon.
Who this book is written for:
If you are a software testing professional, a developer, or a student looking forward to getting a job in the software industry, this book will help you create automation test scripts for your web applications; this is the right guide for you! As a prerequisite, basic knowledge of programming languages is expected, although previous knowledge of testing tools is not necessary.
What you will learn from this book:
Learn, for software testing job opportunities, how automation frameworks are designed, and understand how to overcome the limitation of not having known such testing tools in the past
Set up and use automation tools for twelve different automation frameworks such as Selenium, HP UFT (formerly QTP), Ranorex, RFT and other famous automation testing tools
Learn how to deal with the advanced features of automation tools, which will be helpful for software testing job opportunities!
Understand how the most wanted automation technologies, such as Excel automation frameworks, can be designed, which will help with testing projects of leading clients across the US and UK.
Practice the sample projects using clear instructions from each chapter and apply for relevant software testing jobs in your desired location!
The presentation has a quick preamble on SQL injection definition, sqlmap and its key features.
I then illustrate in detail common and uncommon problems and respective solutions with examples that a penetration tester faces when he wants to take advantage of any kind of web application SQL injection flaw on real world web applications, for instance SQL injection in ORDER BY and LIMIT clauses, single entry UNION query SQL injection, specific web application technologies IDS bypasses and more.
These slides have been presented at the Front Range OWASP Conference in Denver on March 5, 2009.
The What, Why and How of (Web) Analytics Testing (Web, IoT, Big Data) (Anand Bagmar)
Learning Objectives:
The most used and heard about buzz words in the Software Industry today are … IoT and Big Data!
With IoT, with a creative mindset looking for opportunities and ways to add value, the possibilities are infinite. With each such opportunity, there is a huge volume of data being generated - which if analyzed and used correctly, can feed into creating more opportunities and increased value propositions.
There are 2 types of analysis that one needs to think about.
1. How is the end-user interacting with the product? This will give some level of understanding into how to re-position and focus on the true value add features for the product.
2. With the huge volume of data being generated by the end-user interactions, and the data being captured by all devices in the food-chain of the offering, it is important to identify patterns from what has happened, and find out new product / value opportunities based on usage patterns.
Learn what Web Analytics is, why it is important, and see some techniques for how you can test it manually and also automate that validation.
How "·$% developers defeat the web vulnerability scanners (Chema Alonso)
How "·$% developers defeat the web vulnerability scanners - Presentation Transcript
1. How ?¿$·& developers defeat the most famous web vulnerability scanners ...or how to recognize old friends
Chema Alonso, Informática64
José Parada, Microsoft Ibérica
2. Agenda
1.- Introduction
2.- Inverted Queries
3.- Arithmetic Blind SQL Injection
4.- Time-Based Blind SQL Injection using Heavy Queries
5.- Conclusions
3. 1.- Introduction
4. SQL Injection is still here among us
5. Web Application Security Consortium: Comparison
http://projects.webappsec.org/Web-Application-Security-Statistics
12,186 sites, 97,554 bugs
6. Need to Improve Automatic Scanning
Manual scanning is not always possible:
Time
Confidentiality
Money, money, money...
Need to study new ways to recognize old-fashioned vulnerabilities to improve automatic scanning tools.
7. 2.- Inverted Queries
9. Homers, how are they?
Lazy
Badly trained
Poor experience in security stuff
Don't like working
Don't like computing
Don't like coding
Don't like you!
10. Flanders are left-handed
11. Right
SELECT UID
FROM USERS
WHERE NAME='V_NAME'
AND
PASSWORD='V_PASSW';
12. Wrong?
SELECT UID
FROM USERS
WHERE 'V_NAME'=NAME AND
'V_PASSW'=PASSWORD
13. Login Inverted Query
Select uid
From users where 'v_name'=name and 'v_pass'=password
http://www.web.com/login.php?v_name=Robert&v_pass=Kubica' or '1'='1
Select uid
From users where 'Robert'=name and 'Kubica' or '1'='1'=password
FAIL
14. Login Inverted SQL Injection, an example
Select uid
From users where 'v_name'=name and 'v_pass'=password
http://www.web.com/login.php?v_name=Robert&v_pass='='' or '1'='1' or 'Kubica
Select uid
From users where 'Robert'=name and ''='' or '1'='1' or 'Kubica'=password
Success
15. Blind Attacks
The attacker injects code but can't access the data directly.
However, this injection changes the behavior of the web application.
Then the attacker looks for differences between true code injections (1=1) and false code injections (1=2) in the response pages to extract data.
Blind SQL Injection
Blind XPath Injection
Blind LDAP Injection
16. Blind SQL Injection Attacks
Attacker injects:
"True where clauses"
"False where clauses"
Ex:
Program.php?id=1 and 1=1
Program.php?id=1 and 1=2
The program doesn't return any visible data from the database, nor data in error messages.
The attacker can't see any data extracted from the database.
17. Blind SQL Injection Attacks
The attacker analyzes the response pages looking for differences between the "True-Answer Page" and the "False-Answer Page":
Different hashes
Different HTML structure
Different patterns (keywords)
Different linear ASCII sums
"Different behavior"
For example: response time
18. Blind SQL Injection Attacks
If any difference exists, then:
The attacker can extract all information from the database
How? Using "booleanization"
MySQL:
Program.php?id=1 and 100>(ASCII(Substring(user(),1,1)))
"True-Answer Page" or "False-Answer Page"?
MSSQL:
Program.php?id=1 and 100>(Select top 1 ASCII(Substring(name,1,1)) from sysusers)
Oracle:
Program.php?id=1 and 100>(Select ASCII(Sub
Let's face it, the web can be a dangerous place. So how do you protect your users and yourself? Tony Amoyal answers that and more as he shows how Rails can help protect against miscreants.
UiPath Test Automation using UiPath Test Suite series, part 3 (DianaGray10)
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf (91mobiles)
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
Neuro-symbolic is not enough, we need neuro-*semantic* (Frank van Harmelen)
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
Generating a custom Ruby SDK for your web service or Rails API using Smithy (g2nightmarescribd)
Have you ever wanted a Ruby client API to communicate with your web service? Smithy is a protocol-agnostic language for defining services and SDKs. Smithy Ruby is an implementation of Smithy that generates a Ruby SDK using a Smithy model. In this talk, we will explore Smithy and Smithy Ruby to learn how to generate custom feature-rich SDKs that can communicate with any web service, such as a Rails JSON API.
Epistemic Interaction - tuning interfaces to provide information for AI support (Alan Dix)
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -... (DanBrown980551)
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024 (Albert Hoitingh)
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
Advanced Topics On Sql Injection Protection
1. Advanced Topics on SQL Injection Protection
Sam NG, CISA, CISSP
SQLBlock.com
[email_address]
Feb 27th, 2006
11. Table 1. SQL injection vulnerabilities found in BugTraq (SecurityFocus)
Period         Others   Numeric Field   StoredProc   Second Order   Total
2004 Jan-Jun   28       29              -            -              57
2005 Jan-Jun   92       94              7            1              194
18. 1.4 Prevent second order attacks
Dim conn, rec, query1, query2, login_id, old_pass, new_pass
login_id = Replace(Request.Form("login_id"), "'", "''")
old_pass = Replace(Request.Form("old_pass"), "'", "''")
new_pass = Replace(Request.Form("new_pass"), "'", "''")
Set conn = CreateObject("ADODB.Connection")
conn.Open "DSN=AccountDB;UID=sa;PWD=password;"
query1 = "select * from tbl_user where login_id='" & login_id & "' and password='" & old_pass & "'"
Set rec = conn.Execute(query1)
If (rec.EOF) Then
    Response.Write "Invalid Password"
Else
    query2 = "update tbl_user set password='" & new_pass & "' where login_id='" & rec("login_id") & "'"
    conn.Execute(query2)
    ..
    ..
End If
Slide callouts: the three Request.Form values are all properly escaped, but rec("login_id") in query2 is unescaped data read from the database. But what about if the stored login_id = "foo' union…. – "?
24. 2.1 parameterized stmt != static stmt
[Java]
String sql = "select * from product where cat='" + request.getParameter("cat") + "' and price > ?";
PreparedStatement pstmt = con.prepareStatement(sql);
pstmt.setString(1, request.getParameter("price"));
ResultSet rs = pstmt.executeQuery();
Slide callouts: the statement is prepared and price is passed in parameterized form, yet cat is concatenated into the statement text, so this is obviously vulnerable to SQL injection.
25. 2.2 Stored Procedure != SAFE
CREATE PROCEDURE sp_dynamic (@name varchar(50) = '')
AS
DECLARE @Query varchar(500)
SET @Query = 'SELECT * FROM userlist where name = ''' + @name + ''''
EXEC(@Query)
GO
Slide callouts: @Query is built by SQL-style string concatenation, and EXEC is the dangerous function.
[Solution] Insert, before the SET @Query line: SET @name = REPLACE(@name, '''', '''''')
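Added example, not code from the slides: the two patterns above, slide 18's escape-the-form-input-but-reuse-the-stored-value and slide 24's half-parameterized statement, reproduced against an in-memory SQLite database beside their fully parameterized fixes. Table names, the sample users and the sample products are constructed.

```python
import sqlite3


def fresh_db() -> sqlite3.Connection:
    # Constructed sample data. The second account's login_id was stored with a
    # quote in it at registration time; second-order injection relies on that.
    con = sqlite3.connect(":memory:")
    con.execute("CREATE TABLE tbl_user (login_id TEXT, password TEXT)")
    con.executemany("INSERT INTO tbl_user VALUES (?, ?)",
                    [("alice", "alice-pw"), ("x' OR '1'='1", "x-pw")])
    con.execute("CREATE TABLE product (name TEXT, cat TEXT, price REAL)")
    con.executemany("INSERT INTO product VALUES (?, ?, ?)",
                    [("Novel", "books", 12.0), ("Robot", "toys", 40.0)])
    return con


def esc(s: str) -> str:
    # The slide's Replace(x, "'", "''") escaping of form input.
    return s.replace("'", "''")


def change_password_second_order(con, login_id, old_pass, new_pass) -> bool:
    """Slide 18 pattern: form input escaped, value read back from the DB reused raw."""
    q1 = ("SELECT login_id FROM tbl_user WHERE login_id='%s' AND password='%s'"
          % (esc(login_id), esc(old_pass)))
    row = con.execute(q1).fetchone()
    if row is None:
        return False            # "Invalid Password"
    stored_id = row[0]          # came from the database, so it is NOT escaped: the bug
    con.execute("UPDATE tbl_user SET password='%s' WHERE login_id='%s'"
                % (esc(new_pass), stored_id))
    return True


def change_password_safe(con, login_id, old_pass, new_pass) -> bool:
    """Fix: bind every value as a parameter, whatever its origin (form or DB)."""
    row = con.execute(
        "SELECT login_id FROM tbl_user WHERE login_id=? AND password=?",
        (login_id, old_pass)).fetchone()
    if row is None:
        return False
    con.execute("UPDATE tbl_user SET password=? WHERE login_id=?",
                (new_pass, row[0]))
    return True


def password_of(con, login_id) -> str:
    return con.execute("SELECT password FROM tbl_user WHERE login_id=?",
                       (login_id,)).fetchone()[0]


def search_half_parameterized(con, cat, min_price):
    """Slide 24 pattern: price is bound, but cat is concatenated into the text."""
    sql = ("SELECT name FROM product WHERE cat='" + cat
           + "' AND price > ? ORDER BY name")
    return [r[0] for r in con.execute(sql, (min_price,))]


def search_static(con, cat, min_price):
    """Static statement text; both values bound, so the cat filter cannot be altered."""
    sql = "SELECT name FROM product WHERE cat=? AND price > ? ORDER BY name"
    return [r[0] for r in con.execute(sql, (cat, min_price))]
```

With the escape-then-reuse version, changing the password of the account whose login_id contains a quote rewrites every user's password; the parameterized version touches only that one row.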
52. Architecture of a SQL Driver Proxy
(Slide diagram, flattened in extraction.) Two proxy placements are shown side by side, each with an Analysis component in the proxy:
- HTTP Proxy: HTTP Client <-> HTTP Protocol <-> HTTP Proxy (Analysis) <-> HTTP Protocol <-> HTTP Server
- ODBC/JDBC Proxy: ODBC/JDBC App <-> API Calls <-> ODBC/JDBC Proxy Driver (Analysis) <-> API Calls <-> Original ODBC/JDBC Driver