SQL INJECTION
ANOOP.T
• Introduction
• Attack Intent
• Real World Examples
• How SQL injection works
• Video
• Impact of SQL injection
• Types of attacks
• Hack a website
• Defence Against SQL Injection
• Other Injection Types
• SQL Injection tools
• Conclusion
• SQL injection is a code injection technique used to attack data-driven applications: malicious SQL statements are inserted into an entry field so that the back-end database executes them.
• It targets web applications that sit in front of a data repository.
• The attacker sends specially crafted input that, once embedded in the application's SQL statement, causes an action the developer never intended.
• Determining database schema
• Extracting data
• Adding or modifying data
• Bypassing authentication
• On August 17, 2009, the United States Justice Department charged an American citizen, Albert Gonzalez, and two Russians with the theft of 130 million credit card numbers using SQL injection attacks.
• In 2008 a sweep of automated attacks began exploiting SQL injection vulnerabilities in web applications running on Microsoft's IIS web server with a SQL Server back end. Over 500,000 sites were compromised. The flaw was in the applications' own query construction, not in IIS or SQL Server themselves.
• SQL injection is the ability to inject SQL commands into the database engine through an existing application.
• It uses publicly reachable input fields (form fields, URL parameters, cookies, headers) to gain entry to your database.
• Instead of the expected data, the attacker enters SQL fragments in those fields.
• A form whose handler pastes that input straight into a query gives the attacker an entry point to your database.
1. App sends form to user.
2. Attacker submits form with SQL exploit data.
3. Application builds the query string, exploit data included.
4. Application sends the SQL query to the DB.
5. DB executes the query, exploit included, and sends data back to the application.
6. Application returns the data to the user.
[Diagram: Attacker/User → Form → Web Server → Firewall → DB Server; the form's password field carries ' or 1=1--]
// PHP, legacy mysql_* extension (removed in PHP 7). Deliberately vulnerable:
// $username and $password come straight from the form and are concatenated
// into the query text.
$link = mysql_connect($DB_HOST, $DB_USERNAME, $DB_PASSWORD) or
    die("Couldn't connect: " . mysql_error());
mysql_select_db($DB_DATABASE);
$query = "select count(*) from users where username = '$username' and
          password = '$password'";
$result = mysql_query($query);
Unauthorized Access Attempt:
password = ' or 1=1 --
SQL statement becomes:
select count(*) from users where username = 'user'
and password = '' or 1=1 --'
AND binds tighter than OR, so the WHERE clause reads (username = 'user' AND password = '') OR 1=1. The OR 1=1 branch is always true and the -- comments out the trailing quote, so the count is non-zero and access is granted.
Database Modification Attack:
password = foo'; delete from users where username like '%
The DB executes two SQL statements:
select count(*) from users where username = 'user' and password = 'foo'
delete from users where username like '%'
Caveat: this "stacked query" only works where the driver sends the whole string as a batch. PHP's mysql_query() (used above) refuses more than one statement, whereas mysqli_multi_query() and Microsoft SQL Server drivers run them all. The injection point exists either way; only the usable payload changes.
1. Leakage of sensitive
information.
2. Reputation decline.
3. Modification of sensitive
information.
4. Loss of control of db server.
5. Data loss.
6. Denial of service.
1. First order attacks
• The attacker enters a malicious string and the modified query is executed immediately.
2. Second order attacks
• The attacker injects into persistent storage (such as a table row) that is later treated as a trusted source. The attack executes when another activity reads the stored value and builds a query from it.
3. Lateral injection
• Specific to Oracle: a low-privileged database user changes session environment settings such as NLS_DATE_FORMAT or NLS_NUMERIC_CHARACTERS, so that the implicit TO_CHAR() conversion of a date or number renders a string containing SQL. Procedures that concatenate only dates or numbers, never user strings, can be injected this way.
First order injection vectors:
• Injection through user input
• Injection through cookies
• Injection through server variables
• Websites require constant access to the database.
• Firewalls provide little or no defense against SQL injection attacks.
• Your website is public, so the firewall must let every visitor reach the web application, usually over port 80/443. The application in turn holds a trusted connection to the database, and the injected query rides along that permitted path.
• Antivirus programs are equally ineffective at blocking SQL injection attacks: the payload is ordinary text inside an ordinary HTTP request.
1. Comprehensive data sanitization
• Web sites must validate all user input, preferably against an allowlist of what each field may contain.
• For example, e-mail addresses should be filtered to allow only the characters allowed in an e-mail address.
• Validation is defence in depth: a value can be well-formed and still break a concatenated query, so it complements rather than replaces parameterized queries (defence 4).
2. Use a web application firewall
• A popular example is the free, open source module ModSecurity.
• ModSecurity provides a sophisticated and ever-evolving set of rules to filter potentially dangerous web requests.
• Its SQL injection defenses can catch most attempts to sneak SQL through web channels, but a WAF is a compensating control that a determined attacker can often evade with encoding or syntax variations; the code must be fixed as well.
3. Limit database privileges by context
• Create multiple database user accounts with the minimum privileges needed for each usage context.
• For example, the code behind a login page should query the database using an account limited to read access on the relevant credentials table.
• This way, a breach through this channel cannot be leveraged to read or modify the rest of the database, and a stacked statement such as the delete shown earlier simply fails for lack of privilege.
4. Avoid constructing SQL queries with user input
• Even data sanitization routines can be flawed.
• Using SQL variable binding with prepared statements (or stored procedures that take parameters and do not build dynamic SQL internally) is much safer than concatenating full queries: the SQL text is fixed before the data arrives, so the data cannot change the statement's structure.
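An added example (Python with the standard sqlite3 module; not the slides' own code) that puts defences 1 and 4 beside the vulnerable form, and then replays the second-order attack from the "Types of attacks" section to show why binding has to be used at every query, not only where input first arrives: a username stored safely through a parameterized INSERT later reaches a concatenated UPDATE. The schema, the rows, the password-change feature and the e-mail pattern are all assumptions made for the demo.

```python
import re
import sqlite3

# Added example, not from the slides. Schema, rows, the password-change
# feature and the e-mail regex are constructed for the demo.

EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")


def make_db():
    con = sqlite3.connect(":memory:")
    con.execute("CREATE TABLE users (username TEXT, password TEXT)")
    con.executemany("INSERT INTO users VALUES (?, ?)",
                    [("user", "s3cret"), ("admin", "hunter2")])
    return con


def unsafe_login(con, username, password):
    """The slides' pattern: SQL text built from user input (vulnerable)."""
    q = ("select count(*) from users where username = '%s' and password = '%s'"
         % (username, password))
    return con.execute(q).fetchone()[0] > 0


def safe_login(con, username, password):
    """Defence 4: bound parameters. The SQL text is fixed and the values
    travel separately, so a quote or '--' in the input is just data."""
    row = con.execute(
        "select count(*) from users where username = ? and password = ?",
        (username, password)).fetchone()
    return row[0] > 0


def is_valid_email(value):
    """Defence 1: allowlist validation. Defence in depth only; a value can be
    a well-formed address and still be hostile to other concatenated code."""
    return EMAIL_RE.fullmatch(value) is not None


def register(con, username, password):
    # Binding makes the INSERT safe even for a username such as "admin'--"...
    con.execute("INSERT INTO users VALUES (?, ?)", (username, password))


def change_password_second_order(con, stored_username, new_password):
    # ...but this later feature trusts the value it read back from the table
    # and concatenates it, so "admin'--" retargets the UPDATE at admin.
    con.execute("UPDATE users SET password = '%s' WHERE username = '%s'"
                % (new_password, stored_username))


def change_password_safe(con, stored_username, new_password):
    """Same feature with binding: only the attacker's own row changes."""
    con.execute("UPDATE users SET password = ? WHERE username = ?",
                (new_password, stored_username))


def password_of(con, username):
    return con.execute("SELECT password FROM users WHERE username = ?",
                       (username,)).fetchone()[0]


if __name__ == "__main__":
    db = make_db()
    print("unsafe login bypassed:", unsafe_login(db, "user", "' or 1=1 --"))
    print("safe login bypassed:  ", safe_login(db, "user", "' or 1=1 --"))
    print("valid e-mail:", is_valid_email("alice@example.com"),
          is_valid_email("x' or 1=1 --"))
    register(db, "admin'--", "x")
    change_password_second_order(db, "admin'--", "pwned")
    print("admin password after second-order attack:", password_of(db, "admin"))
```

The second-order case is the one that defeats "sanitize at the border" thinking: the registration path did everything right, and the data still became SQL the moment a later query concatenated it. Parameters on every statement are what close that gap.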
• Shell injection.
• Scripting language injection.
• File inclusion.
• XML injection.
• XPath injection.
• LDAP injection.
• SMTP injection.
• BSQL Hacker
• SQLmap
• SQLninja
• Safe3 SQL Injector
• SQLSus
• Mole
• Havij
• SQL injection is a technique for exploiting applications that use relational databases as their back end.
• Applications compose SQL statements and send them to the database.
• SQL injection exploits the fact that many of these applications concatenate the fixed part of an SQL statement with user-supplied data that forms WHERE predicates or additional sub-queries.
• The technique is based on malformed user-supplied data.
• It transforms innocent SQL calls into malicious ones.
• It causes unauthorized access, deletion of data, or theft of information.
• Any SQL database can be the target; what differs between engines is the payload syntax, not the exposure.
• The vulnerability is in the application layer outside of the database: it exists at every point where the application builds a query from untrusted data.