Ethical hacking (SQL injection and buffer overflow)
Book: CEH Certified Ethical Hacker Study Guide
By: Kimberly Graves
Chapter 9: Attacking Applications: SQL Injection and Buffer Overflows
What is SQL injection?
● SQL injection is an attack technique used against applications that talk to SQL databases.
● The weakness being exploited is in the application, not in the database engine itself.
● SQL injection occurs when an application builds a SQL statement from user-provided data without first validating the input.
● Generally, the purpose of SQL injection is to make the application run SQL that its developers never intended.
● During a web application SQL injection attack, malicious input is entered into a web form field, URL parameter or other request data and becomes part of the query. Depending on the database user's privileges, the attacker can read or modify data, and on some database servers can reach a command shell or run other arbitrary commands.
Understand the steps to conduct SQL injection

Normal login:
Username: hacker
Password: ethical123

Valid SQL:
SELECT * FROM USER
WHERE username='hacker' and password='ethical123'

Injected login (the same value is typed into both fields):
Username: ok' or 1=1 --
Password: ok' or 1=1 --

Injected SQL:
SELECT * FROM USER
WHERE username='ok' or 1=1 -- ' and password='ok' or 1=1 -- '

The single quote closes the string the developer opened, or 1=1 is true for every row, and -- starts a comment, so the database ignores the rest of the line, including the password check. (MySQL requires a space after --; the slide's "- -" is that marker.) The injected SQL may return all the data from the "USER" table at once, and the attacker gets valuable data such as usernames, passwords and credit card numbers.
Purposes of SQL injection (what an attacker can achieve with it)
● Identifying SQL Injection Vulnerability
● Performing Database Finger-Printing
● Determining Database Schema
● Extracting Data
● Adding or Modifying Data
● Performing Denial of Service
● Evading Detection
● Bypassing Authentication
● Executing Remote Commands
● Performing Privilege Escalation
Describe SQL injection countermeasures
● A countermeasure is a measure or action taken to counter or offset another one.
● SQL injection vulnerabilities occur mainly because user input is placed in a query without being validated.
→ Steps that can be taken to defend against SQL injection:
● Reject known bad input (a blocklist of characters and keywords such as ', --, ; and UNION). On its own this is weak, because attackers can encode or vary the payload.
● Sanitize and validate each input field against what it is supposed to contain (an allowlist of characters, length and format), and pass values to the database as query parameters instead of concatenating them into the statement text.
● Disable verbose and explanatory error messages, so the attacker cannot learn the database type, query structure or table names from them.
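The login example from the "steps to conduct SQL injection" slide and the countermeasures above, worked as an added example (this code is not from the study guide). It builds a small in-memory SQLite database with a USER table and constructed sample rows, shows the concatenated query that the slide's payload breaks, and then the two fixes: a parameterized query and an allowlist check on the username. The table contents, column names and the login helper names are assumptions for the example.

```python
import re
import sqlite3

# Constructed sample data for this example (not from the original slides).
SAMPLE_USERS = [
    ("hacker", "ethical123", "4111-0000-0000-0001"),
    ("alice", "s3cret", "4111-0000-0000-0002"),
    ("bob", "hunter2", "4111-0000-0000-0003"),
]

# The slide's payload: the quote closes the developer's string literal, 1=1 is
# always true, and "-- " comments out the rest of the statement, password
# check included.
PAYLOAD = "ok' or 1=1 -- "


def make_db():
    """In-memory SQLite database with a USER table like the slide's."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE USER (username TEXT, password TEXT, card TEXT)")
    conn.executemany("INSERT INTO USER VALUES (?, ?, ?)", SAMPLE_USERS)
    return conn


def login_vulnerable(conn, username, password):
    """Builds the statement by string concatenation, exactly as the slide's
    'Injected SQL' shows. The input is interpreted as SQL, not as a value."""
    sql = ("SELECT username, card FROM USER WHERE username='" + username
           + "' and password='" + password + "'")
    return conn.execute(sql).fetchall()


def login_safe(conn, username, password):
    """Parameterized query: the statement text is fixed and the driver passes
    the values separately, so the payload is compared literally as a username
    and matches nothing."""
    sql = "SELECT username, card FROM USER WHERE username=? and password=?"
    return conn.execute(sql, (username, password)).fetchall()


# Allowlist for usernames (assumed policy: letters, digits, _ . - and 1-32 chars).
USERNAME_RE = re.compile(r"[A-Za-z0-9_.-]{1,32}")


def valid_username(value):
    """The slide's 'sanitizing and validating the input field', done as an
    allowlist: accept only what a username is supposed to look like."""
    return USERNAME_RE.fullmatch(value) is not None


if __name__ == "__main__":
    conn = make_db()
    print("normal login  :", login_vulnerable(conn, "hacker", "ethical123"))
    print("injected login:", login_vulnerable(conn, PAYLOAD, PAYLOAD))
    print("parameterized :", login_safe(conn, PAYLOAD, PAYLOAD))
    print("allowlist ok  :", valid_username(PAYLOAD))
```

The injected call returns every row of the table, the parameterized call returns none, and the allowlist rejects the payload before it ever reaches the query. Parameters are the fix; validation is the second layer that also catches bad data that happens to be harmless to SQL.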
Buffer overflows
● A buffer is a sequential section of memory allocated to contain anything from a character string to an array of integers.
● A buffer overflow exploit can crash the target by corrupting memory, or make it execute a command shell or other arbitrary code.
● A buffer overflow vulnerability is caused by a lack of bounds checking, or of input validation and sanitization, on a variable that receives outside data (such as a field on a web form).
● If the application does not check the size or format of a variable before copying it into memory, an overflow vulnerability exists.
● Attacks usually target user-input fields, because that is where the attacker controls both the length and the content of the data.
Types of buffer overflow
→ There are two main types of buffer overflow:
1. Stack based
2. Heap based
Overview of stack-based buffer overflows
The following are the steps an attacker uses to execute a stack-based buffer overflow:
1. Find a function that copies attacker-controlled input into a fixed-size buffer on the stack without checking its length.
2. Supply more data than the buffer was allocated for. The copy runs past the end of the buffer into the adjacent stack slots of the same frame, including the saved return address that tells the CPU where to continue after the function returns. The extra bytes are chosen so that this return address is replaced with an address the attacker picks.
3. When the function returns, the CPU jumps to the overwritten address instead of back to the caller, and the attacker's code (placed in the overflowed buffer or elsewhere in memory) runs with the privileges of the program.
Buffer Overflow Countermeasures
● To redirect execution, an attacker must know roughly where in memory the injected code will sit and how far the buffer is from the saved return pointer.
● Because the exact address is hard to guess, attackers prefix their code with a series of NOP (No Operation) instructions, a "NOP sled": a return address that lands anywhere in the sled slides forward into the payload.
● An intrusion detection system (IDS) can be used to detect such payloads, for example long runs of NOP bytes in network traffic. It is a detective control, not a fix, and encoded sleds evade simple signatures.
● Programmers should not use the built-in strcpy(), strcat(), streadd() and similar unbounded C/C++ functions, because they copy until a terminator regardless of the destination size; use length-bounded alternatives and check the length before copying.
● Java can be used as the programming language, since the JVM bounds-checks every array access and throws an exception instead of overwriting memory. This protection does not extend to native code the Java program calls through JNI, or to the JVM itself.
● Modern compilers and operating systems add their own protections (stack canaries, non-executable stacks, address space layout randomization), which is why a NOP sled and a guessed address alone are not enough on current systems.
Thanks All