Sql injection presentation
Published in: Data & Analytics, Technology
1. SQL Injection
> SQL Injection allows a user-specified query to execute in the database.
> SQL queries run in the database.
> Most of the time it alters the original database.
2. SQL attack Steps
> Searching for a vulnerable point.
> Fingerprinting the backend database.
> Retrieving data of interest: tables, username/password, etc.
> Once the information is in hand:
  ● OS take over
  ● Data change
  ● Webserver take over
3. Problems
> The attacker can delete, modify or even steal your data.
> Compromises the safety, security and trust of user data.
> Compromises the ability to stay in business.
4. Hacking on login Page
Username:
Password:
1. Enter the text 'or''=' in both the username and password fields; this should log in and show the username but not the password.
2. Enter the username admin and the password 'or'1'='1
Like this, there are many strings to put in for login:
'or'x'='x
')or('x'='x
and1=1
'or0=0--
"or0=0--
== and1=1--
etc.
Submit
5. Statement Injection
Attacker inputs abcd as a username and ';drop table xyz--' as a password in the login form. Then the query is like this:
Select * from user_details where userid='abcd' and password=';drop table xyz'
Using this query the attacker deletes the table.
Some sites for test:
http://demo.testfire.net
http://testphp.vulnweb.com
http://testasp.vulnweb.com
6. Union Query
Username:
Password:
Attacker enters the query union select * from emp_details-- in the username field and abcd as the password. Then the attacker is able to see all the data from the database.
7. URL Rules
● No parentheses or angular brackets in the URL.
● URL should not end with two or more dashes (--).
● URL should not end with "/*".
● No schema, table or column names should be part of your URL.
8. Escape and validate Inputs
Escape all inputs:
> Whether supplied via POST data or via the URL.
> Anything that goes to the DB is escaped.
Validate all inputs:
> Validate free-form text fields for allowed characters (numbers, letters, whitespace, ._-).
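As an added example (not code from the presentation), the advice above in Python with sqlite3: the login query from the earlier slides built by string concatenation beside its parameterized form, plus the allow-list check for free-form text. The user_details table, its single row and the function names are constructed here for the demonstration.

```python
import re
import sqlite3

# Constructed in-memory stand-in for the page's user_details table.
_conn = sqlite3.connect(":memory:")
_conn.execute("CREATE TABLE user_details (userid TEXT, password TEXT)")
_conn.execute("INSERT INTO user_details VALUES ('admin', 's3cret')")
_conn.commit()


def login_concatenated(userid: str, password: str) -> bool:
    """Vulnerable form: input is spliced into the SQL text, so a quote in
    the password becomes part of the WHERE clause and can change its logic."""
    query = (
        "SELECT * FROM user_details WHERE userid='" + userid
        + "' AND password='" + password + "'"
    )
    return _conn.execute(query).fetchone() is not None


def login_parameterized(userid: str, password: str) -> bool:
    """Hardened form: placeholders pass the input to the driver as data,
    so quotes and keywords in it are never parsed as SQL."""
    query = "SELECT * FROM user_details WHERE userid=? AND password=?"
    return _conn.execute(query, (userid, password)).fetchone() is not None


# Allow-list for free-form text: numbers, letters, whitespace, . _ -
_ALLOWED = re.compile(r"^[A-Za-z0-9\s._-]+$")


def is_valid_free_text(value: str) -> bool:
    """Reject any free-form field containing characters outside the allow-list."""
    return bool(_ALLOWED.match(value))
```

With the constructed row, the page's 'or''=' password satisfies the concatenated query, fails the parameterized one, and is rejected by the allow-list before reaching the database.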
9. Quick Fixes
When you have a large setup or lots of code, put SQL injection detection patterns in the load balancer so that requests can be checked easily and quickly.
10. Thanks
Reema