1. What is SQL Injection 2. Different varieties of SQL Injection 3. How to prevent it.


What is SQL Injection? SQL injection is an attack in which user-supplied text (a form field, a URL parameter) is pasted into an SQL statement without being kept separate from the SQL syntax, so part of the attacker's input is executed as SQL. It is a form of attack on a database-driven Web site in which the attacker executes unauthorized SQL commands by taking advantage of insecure code on a system connected to the Internet. SQL injection attacks are used to read data that would normally not be available, to change or delete it, and, depending on the privileges of the database account, to reach the host computer through the machine that is hosting the database. The root cause is application code that builds queries by string concatenation, not the database itself.

Note before proceeding: a single quote (') ends a string literal in SQL, so a quote inside user input closes the string early and whatever follows is parsed as SQL. In MySQL, # starts a comment that runs to the end of the line (-- followed by a space does the same), so an attacker appends it to discard the rest of the application's query, typically its closing quote.

Different varieties of SQL injection: the injected SQL can arrive through an input form (POST fields) or by manipulating URLs (GET parameters). Either way the application pastes it into the same query string; a typical payload looks like '; DROP TABLE login;

By input form: type ' OR 1' into the username field. Behind the scene the application builds SELECT * FROM usersTb WHERE username = '' OR 1'' What happens? The first quote closes the (now empty) username string and OR 1 is always true, so the WHERE clause no longer filters anything: every row in the users table is selected, and a login check that only asks whether some row matched is bypassed. (Caveat: as written, the attacker's second quote is left dangling after the 1 and MySQL rejects the statement with a syntax error; in practice the payload is finished with a comment, ' OR 1 #, so that the application's closing quote is ignored.)

By input form continue... An ok input:
$name = "minh";
$queries = "SELECT * FROM usersTb WHERE username = '$name'";
An attacker input:
$name = "' OR 1'";
$queries = "SELECT * FROM usersTb WHERE username = '$name'";
Display: SELECT * FROM usersTb WHERE username = '' OR 1''
Attackers gain access to data since OR 1 will always be true (with the trailing quote commented out, e.g. ' OR 1 #, so that MySQL accepts the statement).

By input form continue... More serious attack:
$name = "'; DELETE FROM usersTb WHERE 1 or username = '";
$query = "SELECT * FROM usersTb WHERE username = '$name'";
What it looks like in query: SELECT * FROM usersTb WHERE username = ''; DELETE FROM usersTb WHERE 1 or username = ''
The quote closes the string, the semicolon ends the SELECT, and a second statement deletes every row (WHERE 1 is always true). Caveat: this is a stacked query and only runs when the database API accepts several statements in one call. PHP's mysql_query() refuses a second statement, whereas mysqli_multi_query() and, by default, PDO's MySQL driver will execute it. The injection point is just as real either way; only this particular payload depends on the API.

By URL injection: the same query can be fed through a URL parameter instead of a form field, for example a simple hyperlink whose query string carries the value (read with $_GET and concatenated into the SQL in the same way). By inputting SQL code into the URL, '; DROP TABLE login; #, you get the second statement DROP TABLE login; # appended to the original query, and the # comments out the application's closing quote. Result: the entire login table is dropped (as with any stacked query, provided the database API executes more than one statement per call).

Preventions: Limit the field length (a short maximum makes long payloads such as '; DELETE FROM usersTB WHERE 1 or username = ' harder to fit, but it is not a defence on its own). Validate data types (an ID must be an integer: cast it or reject it before it reaches the query). Use mysql_real_escape_string(): it calls MySQL's library function mysql_real_escape_string, which prepends backslashes to the following characters: \x00, \n, \r, \, ', " and \x1a (php.net), so a quote inside the input can no longer close the string literal. Caveats: the escaped value only protects a quoted string literal, so it must still be wrapped in quotes in the query and does nothing for numeric or identifier positions; the escaping depends on the connection's character set, so it needs an open connection (mysql_escape_string(), which ignores the character set, is not safe); and the whole ext/mysql extension was deprecated in PHP 5.5 and removed in PHP 7.0. The current recommendation is prepared statements with bound parameters (mysqli or PDO), which keep data and SQL syntax separate by design.

Preventions continue... The use of mysql_real_escape_string():
$name = "' OR 1'";
$name = mysql_real_escape_string($name);
$queries = "SELECT * FROM usersTb WHERE username = '$name'";
Display: SELECT * FROM usersTb WHERE username = '\' OR 1\''
Each quote is now \', so MySQL reads the whole value as the literal username ' OR 1', which matches no row.

Preventions continue...
$name = "'; DELETE FROM usersTb WHERE 1 or username = '";
$name = mysql_real_escape_string($name);
$query = "SELECT * FROM usersTb WHERE username = '$name'";
Display: SELECT * FROM usersTb WHERE username = '\'; DELETE FROM usersTb WHERE 1 or username = \''
The quotes are escaped, so the semicolon stays inside the string literal and no second statement exists.
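The escaping and data-type checks from the prevention slides, as an added example that is not part of the original slides nor PHP's code: escape_mysql() reimplements the php.net rule quoted above (the seven characters, using the replacement spellings the MySQL client library produces, and ignoring the connection character set that the real function consults), reproduces the two escaped queries shown on the slides, and then shows the limit of escaping by running an unquoted numeric comparison against an in-memory SQLite table (assumed usersTb with an id column and constructed rows), where only the integer validation from the slides helps.

```python
import sqlite3

# Replacement table for the characters php.net lists for
# mysql_real_escape_string(): NUL, newline, carriage return, backslash,
# single quote, double quote and Control-Z.
_ESCAPES = {
    "\x00": "\\0",
    "\n": "\\n",
    "\r": "\\r",
    "\\": "\\\\",
    "'": "\\'",
    '"': '\\"',
    "\x1a": "\\Z",
}


def escape_mysql(value):
    """Escape a value for use INSIDE a quoted MySQL string literal."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)


def string_context_query(name):
    """The slides' escaped query: the quotes around the value are still required."""
    return "SELECT * FROM usersTb WHERE username = '" + escape_mysql(name) + "'"


def numeric_context_query(user_id):
    """A numeric column compared without quotes: escaping cannot help here."""
    return "SELECT * FROM usersTb WHERE id = " + escape_mysql(user_id)


def validated_id(user_id):
    """Data-type validation from the slides: accept only a decimal integer."""
    if not user_id.isdigit():
        raise ValueError("id must be a positive integer")
    return int(user_id)


def demo_numeric_context():
    """Run the numeric-context query on SQLite (no quotes are involved, so the
    backslash escaping style does not matter) to show that escaping alone
    fails there, while integer validation rejects the payload."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE usersTb (id INTEGER, username TEXT)")
    conn.executemany("INSERT INTO usersTb VALUES (?, ?)",
                     [(1, "minh"), (2, "alice"), (3, "bob")])  # constructed rows
    payload = "1 OR 1=1"  # contains none of the escaped characters
    escaped_rows = conn.execute(numeric_context_query(payload)).fetchall()
    try:
        validated_id(payload)
        verdict = "accepted"
    except ValueError:
        verdict = "rejected"
    return len(escaped_rows), verdict


if __name__ == "__main__":
    print(string_context_query("' OR 1'"))
    print(demo_numeric_context())
```

escape_mysql("' OR 1'") yields \' OR 1\' and the string-context query matches the slide's display exactly; the numeric-context call returns every row despite escaping, which is why validation (or a bound parameter) is the right control for non-string inputs.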

References
injection-prevention-mysql-php
escape-string.php