This document provides an overview of SQL injection and buffer overflow attacks. It defines SQL injection as exploiting vulnerabilities in database-driven applications by injecting malicious SQL statements. Examples are given of changing queries, bypassing logins, and undermining application logic. Buffer overflow occurs when a program stores more data in a buffer than it can hold, overwriting adjacent memory. The document outlines steps to prevent these attacks, such as input validation, modifying error reports, and disabling stack execution.

1. SQL INJECTION
AND
BUFFER OVERFLOW
M.Udayasri
4 CSE-2
20JG1A0570

2. Outline
• Introduction to SQL Injection
• Blind SQL Injection
• Examples of SQL Injection Attacks
• Impact of SQL Injection Attacks
• Detecting and preventing SQL Injection attacks
• Introduction to Buffer Overflow
• Buffer Overflow Attacks
• Vulnerable Programming Languages
• Preventing Buffer Overflow Attacks

3. Introduction to SQL Injection
• Definition of SQL Injection
SQL injection is a code injection technique that exploits a security vulnerability
occurring in the database layer of an application.
• Purpose of SQL Injection attacks
 To exploit vulnerabilities in applications that use a SQL database.
 They can result in the exposure of sensitive data and damage to customer trust.
 They can also be used to delete databases, bypass authentication, remove records,
or add unwanted data.

4. Common targets of SQL Injection attacks
 SQL injection attacks can target any application that uses a SQL database, but
websites are the most common prey.
 Common SQL databases include MySQL, Oracle, and Microsoft SQL Server.
How SQL Injection attacks work
 The first step of a SQL injection attack is to study how the targeted database
functions. This is done by submitting a variety of random values into the query to
observe how the server responds.
 By exploiting vulnerabilities in the application's code, an attacker can inject
malicious SQL statements that manipulate the database

5. Blind SQL Injection
Blind SQL injection is used when a web application is vulnerable to an
SQL injection, but the results of the injection are not visible to the
attacker.
The page with the vulnerability may not be the one that displays
data; however, it will display differently depending on the results of a
logical statement injected into the legitimate SQL statement called
for that page.

6. Examples of SQL Injection Attacks
• Changing SQL queries
• Login bypass
• Undermining application logic
• Database analysis
• Examples of SQL Injection attacks on Tesla and Fortnite

7. The impact of SQL injection attacks
 Cybercriminals could gain unwanted or administrative access to private information and
resources.
 Potential data breaches can occur as a result of unauthorized access to resources.
 The data can be altered, or entire database can be deleted by cybercriminals.
 Customers may lose trust in the business, which can ultimately result in decreased revenue.
 It may take time and resources to recover from the attack and implement new security
measures to prevent future incidents.
 While the immediate effect of a successful SQL injection attack may be difficult to quantify, the
long-term damage caused by reputation loss, legal costs and lost business opportunities can
have far-reaching consequences.

8. Detecting and Preventing SQL Injection Attacks
• Importance of timely detection
• Web Application Firewalls (WAFs) as a prevention method
• Training employees on prevention methods
• Implementing security measures around user input
• Validated prevention methods

9. How to Prevent SQL Injection Attacks
SQL injection attacks occur due to poor website administration and coding.
The following steps can be taken to prevent SQL injection.
1.Input validation 2. Modify error reports
3. Other preventions
The default system accounts for SQL server 2000 should never be used.
Isolate database server and web server. Both should reside on different
machines.
Most often attackers may make use of several extended stored procedures
such as xp_cmdshell and xp_grantlogin in SQL injection attacks. In case
such extended stored procedures are not used or have unused triggers,
stored procedures, user-defined functions, etc., then these should be
moved to an isolated server.

10. Buffer Overflow
Buffer overflow occurs when a program or process tries to store more
data in a buffer (temporary data storage area) than it was intended to
hold.
As buffers are created to contain a finite amount of data, the extra
information can overflow into adjacent buffers, corrupting or
overwriting the valid data held in them.
Although it may occur accidentally through programming error,
buffer overflow is an increasingly common type of security attack on
data integrity.

11. Types of Buffer Overflow
• Stack-Based Buffer Overflow: occurs when a program writes to a memory
address on the program’s call stack outside the intended data structure, usually a
fixed length buffer.
The attacker may exploit stack-based buffer overflows to manipulate the
program in various ways by overwriting.
• NOPs: NOP or NOOP (no operation or no operation performed) is an assembly
language which enables the developer to force memory alignment to act as a
place holder to be replaced by active instructions later on in program
development.
 NOP opcode can be used to form an NOP slide, which allows code to execute
when the exact value of the instruction pointer is indeterminate.
• Heap Buffer Overflow: occurs in the heap data area when an application copies
more data into a buffer than it is designed to contain.

12. Examples of Buffer Overflow Attacks
• Injection of malicious code into corrupted memory
• Exploiting buffer overflow and adjacent memory corruption

13. How to Minimize Buffer Overflow
• The following methods will definitely help to minimize such attacks:
1.Assessment of secure code manually
2.Disable stack execution
3.Compiler tools
4.Dynamic run-time checks
5.Tools used for detecting/defending buffer overflow:
AddressSanitizer, Valgrind