The document discusses SQL injection attacks, including what SQL injection is, types of SQL injection attacks such as first and second order attacks, mechanisms for injection through user input or cookies, and techniques for preventing SQL injection like defensive coding practices and input validation. SQL injection is a code injection technique where malicious SQL statements are inserted into an entry field for execution by the backend database, allowing attackers to view or manipulate restricted data in the database. The document provides examples of SQL injection and explores ways attackers can infer information and encode attacks despite prevention methods.

2. AGENDA
What is SQL
WHAT is SQL injection
SQL Injection Attack Types
Prevention of SQL Injection Attack
2

3. WHAT IS SQL?
SQL is a special-purpose programming
language designed for managing data held in
a relational database management systems (RDBMS).
The scope of SQL includes data insert, query, update
and delete, schema creation and modification, and
data access control.
3

4. What is SQL injection?
A class of code-injection attacks, in which data provided by the
user is included in an SQL query in such a way that part of the
user’s input is treated as SQL code
SQL injection is a technique to maliciously exploit applications
that use client-supplied data in SQL statements. Attackers trick
the SQL engine into executing unintended commands by
supplying specially crafted string input, thereby gaining
unauthorized access to a database in order to view or
manipulate restricted data.
 SQL injection techniques may differ, but they all exploit a
single vulnerability in the application:
Incorrectly validated or non validated string literals are
concatenated into a dynamic SQL statement, and
interpreted as code by the SQL engine.
4

5. Example of SQL injection
5

6. TYPES OF SQL ATTACKS
1)First Order Attack:-The attacker can simply enter a
malicious string and cause the modified code to be
executed immediately.
2)Second Order Attack:-The attacker injects into
persistent storage (such as a table row) which is deemed
as a trusted source. An attack is subsequently executed by
another activity.
3)Lateral Injection:-The attacker can manipulate the
implicit functionTo_Char() by changing the values of the
environment
variables, NLS_Date_Format orNLS_Numeric_Characters.
6

7. Injection Mechanism
Injection through user input
First-order
Injection through cookies
injection
Injection through server variables
Second-order injection
7

8. Injection Mechanism
First-order injection Second-order injection
 The application processes • The application stores that
the input, causing the input for future use (usually
attacker’s injected SQL query in the database), and
to execute. responds to the request.
• The attacker submits a
second (different) request.
• To handle the second
request, the application
retrieves the stored input
and processes it, causing the
attacker’s injected SQL query
to execute.
8

9. Attack Intent
Determining database schema
Extracting data
Adding or modifying data
Bypassing authentication
9

10. Inference
Inject commands into the site and then observe how
the function/response of the website changes
Blind injection
Timing attacks
10

11. Blind SQL injection
The information must be inferred from the behavior
of the page by asking the server true/false questions
11

12. Timing Attacks
Gain information by observing timing delays in the
response of the database
12

13. Alternate Encoding
Employ alternate methods of encoding attack strings
SELECT accounts FROM users
WHERE login = ‘doe’; exec(char(0x73697574646f776e)) --’
AND pass = ‘’ AND pin =
13

14. Prevention of SQLIAs
The root cause of SQL injection vulnerabilities is
insufficient input validation
Solution:
Defensive coding practices
Detection & Prevention techniques
14

15. REFERENCES
www.wikipedia.com
www.google.com
download.oracle.com

16. QUERIES