WW
Uploaded byWaad Waad
PDF, PPTX62 views

Chapter 5 - SQL-Injection-NK.pdf

This document discusses SQL injection, including what it is, real world examples, important SQL syntax, and prevention methods. SQL injection is a code injection technique that exploits security vulnerabilities in user input handlers to expose sensitive data from a database. It provides examples of SQL injection attacks, such as retrieving hidden data or subverting application logic. The document emphasizes that SQL injection is a serious threat and outlines techniques for preventing vulnerabilities like validating user input and using prepared statements.

Embed presentation

Download as PDF, PPTX
Database Security Chapter 5 -2: SQL Injection Prof. Naoufel Kraiem 2022 1
Introduction  What is SQL Injection?  Real World Examples  Important SQL Syntax  Example Website  Prevention 2
What is SQL Injection?  Code Injection Technique  Exploits Security Vulnerability  Targets User Input Handlers 3
Real World Examples  On August 17, 2009, the United States Justice Department charged an American citizen Albert Gonzalez and two unnamed Russians with the theft of 130 million credit card numbers using an SQL injection attack.  In 2008 a sweep of attacks began exploiting the SQL injection vulnerabilities of Microsoft's IIS web server and SQL database server. Over 500,000 sites were exploited. 4
5
SQL injection 6
7
8
9
10
11
12 d d d d d
SQL injection examples There are a wide variety of SQL injection vulnerabilities, attacks, and techniques, which arise in different situations. Some common SQL injection examples include:  Retrieving hidden data, where you can modify an SQL query to return additional results.  Subverting application logic, where you can change a query to interfere with the application's logic.  UNION attacks, where you can retrieve data from different database tables.  Examining the database, where you can extract information about the version and structure of the database.  Blind SQL injection, where the results of a query you control are not returned in the application's responses. https://portswigger.net/web-security/sql-injection 13
Important Syntax COMMENTS: -- Example: SELECT * FROM `table` --selects everything LOGIC: ‘a’=‘a’ Example: SELECT * FROM `table` WHERE ‘a’=‘a’ MULTI STATEMENTS: S1; S2 Example: SELECT * FROM `table`; DROP TABLE `table`; 14
Example Website 15
16
Example Website timbo317 cse7330 SELECT * FROM `login` WHERE `user`=‘timbo317’ AND `pass`=‘cse7330’ 17
Login Database Table user pass timbo317 cse7330 What Could Go Wrong?? 18
Example Hack ’ OR ‘a’=‘a ’ OR ‘a’=‘a SELECT * FROM `login` WHERE `user`=‘’ OR ‘a’=‘a’ AND `pass`=‘’ OR ‘a’=‘a’ 19
It Gets Worse! ’; DROP TABLE `login`; -- SELECT * FROM `login` WHERE `user`=‘’; DROP TABLE `login`; --’ AND `pass`=‘’ 20
All Queries are Possible SELECT * FROM `login` WHERE `user`=‘’; INSERT INTO `login` ('user','pass') VALUES ('haxor','whatever');--’ AND `pass`=‘’ SELECT * FROM `login` WHERE `user`=‘’; UPDATE `login` SET `pass`=‘pass123’ WHERE `user`=‘timbo317’;--’ AND `pass`=‘’ 21
22
23
24
25
26
27
28
29
30
31
32
33
34
Live Demonstration How Can You Prevent This?? 35
Prevention  Logic to allow only numbers / letters in username and password.  How should you enforce the constraint? SERVER SIDE.  ‘ESCAPE’ bad characters. ’ becomes ’  READ ONLY database access.  Remember this is NOT just for login areas! NOT just for websites!! 36
Works Cited  (SQL Injection Walkthrough)(SQL Injection)(SQL Injection)  Friedl, S. (2009, 10 26). SQL Injection Attacks by Example. Retrieved from Steve Friedl's Unixwiz.net Tech Tips: http://unixwiz.net/techtips/sql-injection.html  IBM Informix Guide to SQL: Syntax. (n.d.). Retrieved 10 26, 2009, from IBM.COM: http://publib.boulder.ibm.com/infocenter/idshelp/v10/index.jsp?t opic=/com.ibm.sqls.doc/sqls36.htm  SQL Injection. (n.d.). Retrieved 10 26, 2009, from SQL Server 2008 Books Online: http://msdn.microsoft.com/en- us/library/ms161953.aspx  SQL Injection. (n.d.). Retrieved 10 26, 2009, from php.net: http://php.net/manual/en/security.database.sql-injection.php  SQL Injection Walkthrough. (n.d.). Retrieved 10 26, 2009, from Securiteam: http://www.securiteam.com/securityreviews/5DP0N1P76E.html 37

More Related Content

PPT
SQl Injection.ppt
byHrRajon2
 
PPT
Sql injection
byNikunj Dhameliya
 
PPTX
SQL INJECTION
byAnoop T
 
PPT
Sql injection
byNitish Kumar
 
PDF
Sql injection bypassing hand book blackrose
byNoaman Aziz
 
PDF
Sql injection
bySafwan Hashmi
 
PPTX
Sql injection
byManjushree Mashal
 
PPTX
SQL Injection Sql Injection Typesagdsgdsgdsgbdshfdshbfdshbfdshbfdhsh
byRAKIBULISLAM529074
 
SQl Injection.ppt
byHrRajon2
 
Sql injection
byNikunj Dhameliya
 
SQL INJECTION
byAnoop T
 
Sql injection
byNitish Kumar
 
Sql injection bypassing hand book blackrose
byNoaman Aziz
 
Sql injection
bySafwan Hashmi
 
Sql injection
byManjushree Mashal
 
SQL Injection Sql Injection Typesagdsgdsgdsgbdshfdshbfdshbfdshbfdhsh
byRAKIBULISLAM529074
 

Similar to Chapter 5 - SQL-Injection-NK.pdf

PPTX
Google Dorks and SQL Injection
byMudassir Hassan Khan
 
PDF
Chapter 14 sql injection
bynewbie2019
 
PPTX
Sql injection - security testing
byNapendra Singh
 
PPT
SQLSecurity.ppt
byCNSHacking
 
PPT
SQLSecurity.ppt
byLokeshK66
 
PPT
Sql security
bySafwan Hashmi
 
PDF
Sql injection course made by Cristian Alexandrescu
byCristian Alexandrescu
 
PPTX
Sql injection
byZidh
 
PPTX
Whatis SQL Injection.pptx
bySimplilearn
 
PPT
Sql injection attacks
byKumar
 
PPTX
Sql injections (Basic bypass authentication)
byRavindra Singh Rathore
 
PPT
Sql injection attacks
byNitish Kumar
 
PPTX
Greensql2007
byKaustav Sengupta
 
PPTX
Code injection and green sql
byKaustav Sengupta
 
PPTX
SQL INJECTION
byZiaullah Khan
 
PDF
Sq linjection
byMahesh Gupta (DBATAG) - SQL Server Consultant
 
PPSX
Web application security
bywww.netgains.org
 
PPT
Sql injection attacks
bychaitanya Lotankar
 
PPTX
Intro to SQL Injection
byhon1nbo
 
PPT
Advanced sql injection 1
byKarunakar Singh Thakur
 
Google Dorks and SQL Injection
byMudassir Hassan Khan
 
Chapter 14 sql injection
bynewbie2019
 
Sql injection - security testing
byNapendra Singh
 
SQLSecurity.ppt
byCNSHacking
 
SQLSecurity.ppt
byLokeshK66
 
Sql security
bySafwan Hashmi
 
Sql injection course made by Cristian Alexandrescu
byCristian Alexandrescu
 
Sql injection
byZidh
 
Whatis SQL Injection.pptx
bySimplilearn
 
Sql injection attacks
byKumar
 
Sql injections (Basic bypass authentication)
byRavindra Singh Rathore
 
Sql injection attacks
byNitish Kumar
 
Greensql2007
byKaustav Sengupta
 
Code injection and green sql
byKaustav Sengupta
 
SQL INJECTION
byZiaullah Khan
 
Sq linjection
byMahesh Gupta (DBATAG) - SQL Server Consultant
 
Web application security
bywww.netgains.org
 
Sql injection attacks
bychaitanya Lotankar
 
Intro to SQL Injection
byhon1nbo
 
Advanced sql injection 1
byKarunakar Singh Thakur
 

Recently uploaded

PDF
JR : Quality Random Data from the Command line
byGiovanni Marigi
 
PDF
Louisville User Group: Transforming Technical Debt into Technical Wealth
byLynda Kane
 
PDF
Building Software in the AI Era: Spec-Driven Development with Kiro IDE
byHaim Michael
 
PDF
Using Change Data Capture (CDC) to Ingest Data into Apache Kafka
byGiovanni Marigi
 
PDF
Saga: The new era of transactions in a microservices architecture
byGiovanni Marigi
 
PDF
The Cost of Missing Critical Connections in Data - Suspicious Behavior Detect...
byEnterprise Knowledge
 
PDF
Governing Agentic Enterprise - From Shadow AI to Autonomous Security.pdf
bysajjasridhar1990
 
PPTX
Lecture 05. API Security for DevSecOps Eng.pptx
byvinocol222
 
PDF
Purple Team - Active Directory and AzureAD v1
byVICTOR MAESTRE RAMIREZ
 
PDF
Best Bank Statement Converter Software - A Documentation-Based Meta-Analysis ...
bylewisconrada
 
PDF
Effective Ai powered mock interview .pdf
byamazingnishusingh766
 
PDF
Josh Chu Boston - An Innovative Technology Executive
byJosh Chu Boston
 
PDF
Digital Transformation Services The Key to Futureproofing Your Business
byQuadrafort Technolgies
 
PDF
65 AI-related Posts Catalog https://tinyurl.com/mpavkr8z
byBob Marcus
 
PPTX
How Blockchain Application Development Enables Trustless Digital Ecosystems.pptx
byLisa ward
 
PPTX
Oracle SCM Cloud Solutions for Smart Supply Chain Management
byChetu
 
PPT
Waste water treatment plant operation and maintenance
byDuggineniRamakrishna
 
PDF
Generating Structured Outputs from Unstructured Content Using LLMs
byEnterprise Knowledge
 
PPTX
JAVA Programming Lecture 1 C 4 Yourself.pptx
byyvsbglfaeahuyldzhq
 
PPTX
TechSprint Kickoff - Everything You Need to Know
bygdgcodecellcmpn
 
JR : Quality Random Data from the Command line
byGiovanni Marigi
 
Louisville User Group: Transforming Technical Debt into Technical Wealth
byLynda Kane
 
Building Software in the AI Era: Spec-Driven Development with Kiro IDE
byHaim Michael
 
Using Change Data Capture (CDC) to Ingest Data into Apache Kafka
byGiovanni Marigi
 
Saga: The new era of transactions in a microservices architecture
byGiovanni Marigi
 
The Cost of Missing Critical Connections in Data - Suspicious Behavior Detect...
byEnterprise Knowledge
 
Governing Agentic Enterprise - From Shadow AI to Autonomous Security.pdf
bysajjasridhar1990
 
Lecture 05. API Security for DevSecOps Eng.pptx
byvinocol222
 
Purple Team - Active Directory and AzureAD v1
byVICTOR MAESTRE RAMIREZ
 
Best Bank Statement Converter Software - A Documentation-Based Meta-Analysis ...
bylewisconrada
 
Effective Ai powered mock interview .pdf
byamazingnishusingh766
 
Josh Chu Boston - An Innovative Technology Executive
byJosh Chu Boston
 
Digital Transformation Services The Key to Futureproofing Your Business
byQuadrafort Technolgies
 
65 AI-related Posts Catalog https://tinyurl.com/mpavkr8z
byBob Marcus
 
How Blockchain Application Development Enables Trustless Digital Ecosystems.pptx
byLisa ward
 
Oracle SCM Cloud Solutions for Smart Supply Chain Management
byChetu
 
Waste water treatment plant operation and maintenance
byDuggineniRamakrishna
 
Generating Structured Outputs from Unstructured Content Using LLMs
byEnterprise Knowledge
 
JAVA Programming Lecture 1 C 4 Yourself.pptx
byyvsbglfaeahuyldzhq
 
TechSprint Kickoff - Everything You Need to Know
bygdgcodecellcmpn
 

Chapter 5 - SQL-Injection-NK.pdf

  • 1.
    Database Security Chapter 5-2: SQL Injection Prof. Naoufel Kraiem 2022 1
  • 2.
    Introduction  What isSQL Injection?  Real World Examples  Important SQL Syntax  Example Website  Prevention 2
  • 3.
    What is SQLInjection?  Code Injection Technique  Exploits Security Vulnerability  Targets User Input Handlers 3
  • 4.
    Real World Examples On August 17, 2009, the United States Justice Department charged an American citizen Albert Gonzalez and two unnamed Russians with the theft of 130 million credit card numbers using an SQL injection attack.  In 2008 a sweep of attacks began exploiting the SQL injection vulnerabilities of Microsoft's IIS web server and SQL database server. Over 500,000 sites were exploited. 4
  • 5.
  • 6.
  • 7.
  • 8.
  • 9.
  • 10.
  • 11.
  • 12.
  • 13.
    SQL injection examples Thereare a wide variety of SQL injection vulnerabilities, attacks, and techniques, which arise in different situations. Some common SQL injection examples include:  Retrieving hidden data, where you can modify an SQL query to return additional results.  Subverting application logic, where you can change a query to interfere with the application's logic.  UNION attacks, where you can retrieve data from different database tables.  Examining the database, where you can extract information about the version and structure of the database.  Blind SQL injection, where the results of a query you control are not returned in the application's responses. https://portswigger.net/web-security/sql-injection 13
  • 14.
    Important Syntax COMMENTS: -- Example:SELECT * FROM `table` --selects everything LOGIC: ‘a’=‘a’ Example: SELECT * FROM `table` WHERE ‘a’=‘a’ MULTI STATEMENTS: S1; S2 Example: SELECT * FROM `table`; DROP TABLE `table`; 14
  • 15.
  • 16.
  • 17.
    Example Website timbo317 cse7330 SELECT *FROM `login` WHERE `user`=‘timbo317’ AND `pass`=‘cse7330’ 17
  • 18.
    Login Database Table userpass timbo317 cse7330 What Could Go Wrong?? 18
  • 19.
    Example Hack ’ OR‘a’=‘a ’ OR ‘a’=‘a SELECT * FROM `login` WHERE `user`=‘’ OR ‘a’=‘a’ AND `pass`=‘’ OR ‘a’=‘a’ 19
  • 20.
    It Gets Worse! ’;DROP TABLE `login`; -- SELECT * FROM `login` WHERE `user`=‘’; DROP TABLE `login`; --’ AND `pass`=‘’ 20
  • 21.
    All Queries arePossible SELECT * FROM `login` WHERE `user`=‘’; INSERT INTO `login` ('user','pass') VALUES ('haxor','whatever');--’ AND `pass`=‘’ SELECT * FROM `login` WHERE `user`=‘’; UPDATE `login` SET `pass`=‘pass123’ WHERE `user`=‘timbo317’;--’ AND `pass`=‘’ 21
  • 22.
  • 23.
  • 24.
  • 25.
  • 26.
  • 27.
  • 28.
  • 29.
  • 30.
  • 31.
  • 32.
  • 33.
  • 34.
  • 35.
    Live Demonstration How CanYou Prevent This?? 35
  • 36.
    Prevention  Logic toallow only numbers / letters in username and password.  How should you enforce the constraint? SERVER SIDE.  ‘ESCAPE’ bad characters. ’ becomes ’  READ ONLY database access.  Remember this is NOT just for login areas! NOT just for websites!! 36
  • 37.
    Works Cited  (SQLInjection Walkthrough)(SQL Injection)(SQL Injection)  Friedl, S. (2009, 10 26). SQL Injection Attacks by Example. Retrieved from Steve Friedl's Unixwiz.net Tech Tips: http://unixwiz.net/techtips/sql-injection.html  IBM Informix Guide to SQL: Syntax. (n.d.). Retrieved 10 26, 2009, from IBM.COM: http://publib.boulder.ibm.com/infocenter/idshelp/v10/index.jsp?t opic=/com.ibm.sqls.doc/sqls36.htm  SQL Injection. (n.d.). Retrieved 10 26, 2009, from SQL Server 2008 Books Online: http://msdn.microsoft.com/en- us/library/ms161953.aspx  SQL Injection. (n.d.). Retrieved 10 26, 2009, from php.net: http://php.net/manual/en/security.database.sql-injection.php  SQL Injection Walkthrough. (n.d.). Retrieved 10 26, 2009, from Securiteam: http://www.securiteam.com/securityreviews/5DP0N1P76E.html 37