The document discusses SQL injection and GreenSQL. SQL injection is a code injection technique that allows attackers to gain unauthorized access to databases. GreenSQL is a database firewall that works as a proxy for SQL commands, calculates query risks, and supports different protection modes like IDS, IPS, and learning modes. It fingerprints databases and detects risky queries like stack-based and tautological queries. GreenSQL provides a dashboard to monitor queries and configure whitelist rules and alerts.

2. SQL INJECTION
AND
GREEN SQL
ABHISHEK KUMAR PRASAD (25500111003)
DEBLINA CHOWDHURY (25500111018)
KAUSTAV SENGUPTA (25500111024)

3. Internet in daily life
Code injection
SQl injection
GreenSQL

4. “Life has become easy by
INTERNET…”

5. It is a computer- based global information system.
 Composed of many interconnected computer
networks.
 Each network links with thousands of computers.
 Enabling links to share information and processing
power.
 Wonderful tool provides information at our finger tips.
INTRODUCTION TO INTERNET

6. EXTREME IMPACTS OF INTERNET

7. ► Saved the world a great deal of time and money.
► There is a big influence of technique on our daily life.
► It is one of the newest and most forward-looking media
HOW INTERNET MADE LIFE EASY

8. INTERNET MADE CHANGES IN….
Bill payments
Railway Reservations
Banking
Business
Entertainment
Information
Weather Reports
Education
Job Search Engine
Shopping

9. DISADVANTAGES
 Hacking
 Code Injection
 Spamming
 Virus
 In Appropriate websites
 Isolation
 Inaccurate information

10. What is code injection?
• Code injection is the exploitation of a computer
bug that is caused by processing invalid data.
• Code injection can be used by an attacker to
introduce (or "inject") code into a computer
program to change the course of execution.
• The results of a code injection attack can be
disastrous

11. Code injection

12. Different types of Code injection
• SQL injection
• LDAP Injection
• OS Command Injection
• Cross-Site Scripting (“XSS”)

13.  Many web applications take user input from a form
 Often this user input is used literally in the construction of a SQL query
submitted to a database. For example:
 SELECT productdata FROM table WHERE productname = ‘user input
product name’;
 A SQL injection attack involves placing SQL statements in the user
input
What is a SQL Injection Attack?

14. SQL injection
Input contains special characters and hidden SQL commands
Server accidentally passes hidden SQL commands to database.

15. Product Search:
 This input is put directly into the SQL statement within the Web
application:
 $query = “SELECT prodinfo FROM prodtable WHERE prodname = ‘” .
$_POST[‘prod_search’] . “’”;
 Creates the following SQL:
 SELECT prodinfo FROM prodtable WHERE prodname = ‘blah‘ OR ‘x’ = ‘x’
 Attacker has now successfully caused the entire database to be
returned.
An Example SQL Injection Attack
‘blah‘ OR ‘x’ = ‘x’

16. Sample SQL injection
User Input Chris’; DROP TABLE USER_TABLE;--
Query SELECT password FROM USER_TABLE WHERE username=‘Chris’; DROP TABLE
USER_TABLE;--’
Result USER_TABLE is deleted by the hacker.
Example 1: Data Loss
Example 2: Data Leakage
User Input ‘AND 1=0 UNION
SELECT card_number AS uid,card_holder_name
AS uname,expiry_date AS password FROM
CREDITCARD’
Query SELECT uid,uname,password FROM USERS WHERE
uname=‘AND 1=0 UNION
SELECT card_number AS uid,card_holder_name
AS uname,expiry_date AS password FROM
CREDITCARD’

17. Examples of SQL injection
These attacks noted on the Eastern European website started early in March and by
Wednesday March 12, 2008, 10,000 Web pages were compromised. Here is a diagram
of how it is done

18. Examples of SQL injection
Here is a diagram of how to protect against it

19.  Using SQL injections, attackers can:
 Add new data to the database
 Could be embarrassing to find yourself selling politically
incorrect items on an e-Commerce site
 Perform an INSERT in the injected SQL
 Modify data currently in the database
 Could be very costly to have an expensive item suddenly be
deeply ‘discounted’
 Perform an UPDATE in the injected SQL
 Often can gain access to other user’s system capabilities by
obtaining their password
Other injection possibilities

20.  Use provided functions for escaping strings
 Many attacks can be thwarted by simply using the SQL string escaping
mechanism
 ‘  ’ and “  ”
 mysql_real_escape_string() is the preferred function for this
 Not a silver bullet!
 Consider:
 SELECT fields FROM table WHERE id = 23 OR 1=1
 No quotes here!
Defenses

21.  Check syntax of input for validity
 Many classes of input have fixed languages
 Email addresses, dates, part numbers, etc.
 Verify that the input is a valid string in the language
 Sometime languages allow problematic characters (e.g., ‘*’ in
email addresses); may decide to not allow these
 If you can exclude quotes and semicolons that’s good
 Not always possible: consider the name Bill O’Reilly
 Want to allow the use of single quotes in names
 Have length limits on input
 Many SQL injection attacks depend on entering long strings
More Defenses

22.  Scan query string for undesirable word combinations that
indicate SQL statements
 INSERT, DROP, etc.
 If you see these, can check against SQL syntax to see if they
represent a statement or valid user input
 Limit database permissions and segregate users
 If you’re only reading the database, connect to database
as a user that only has read permissions
 Never connect as a database administrator in your web
application
More Defenses

23.  Configure database error reporting
 Default error reporting often gives away information that is valuable for
attackers (table name, field name, etc.)
 Configure so that this information is never exposed to a user
 If possible, use bound variables
 Some libraries allow you to bind inputs to variables inside a SQL statement
 PERL example (from http://www.unixwiz.net/techtips/sql-injection.html)
$sth = $dbh->prepare("SELECT email, userid FROM members WHERE email =
?;");
$sth->execute($email);
More Defenses

25. SQL Injection
 Code injection technique
 Gain Unauthorized access to database

26. Web Application Architecture

27. GreenSQL
 Known as database firewall
 Works as a proxy for SQL commands
 Calculates risks of queries
 Supports different modes for protection

28. • SQL Injection protection
• Full separation of duties
• Database Activity Monitoring ( DAM )
• IPS/IDS
• Learning mode
• Flexible deployment options
• Highly granular rules
• Real time e-mail alerts

29. Calculation of Risky Queries
 Fingerprinting of database
 Stack-based queries
 SQL tautology

30. Modes of GreenSQL
 IDS Mode
 IPS Mode
 Learning Mode
 Database Firewall Mode

31. GreenSQL Architecture

32. GreenSQL Login

33. GreenSQL Dashboard

34. GreenSQL Database List

35. GreenSQL Whitelist Configuration

36. GreenSQL Database Settings

37. GreenSQL Database Overview

38. GreenSQL Mail Alerts

39. Conclusion
 Provides great security regarding different sql attacks
 Can be used as a penetration tool !!!