Presentation is loading. Please wait.

Presentation is loading. Please wait.

SQL Injection.

Published byAmberly Turner Modified over 6 years ago

Similar presentations

Presentation on theme: "SQL Injection."— Presentation transcript:

1 SQL Injection

2 Common Attacks on Databases
Unauthorized Privilege Escalation: Individuals attempting to increase their privileges by attacking vulnerable points in the DBMS. Privilege Abuse: Authorized users accessing/modifying data in an unauthorized way. Example: a TA lowering the grades of students they dislike. Denial of Service: An attempt to make database resources unavailable to intended users. Often a general attack which attempts to consume network, data, or processing resources through excessive/expensive queries. Weak Authentication: Impersonating an authorized user to gain access (password stealing / phishing).

3 SQL Injection This attack involves a malicious user providing unexpected input that modifies the SQL query to perform unintended actions. Lets imagine a simple authentification procedure that asks a user for a name (josh) and password (zoe1234) and checks if such an entry exists in the database: SELECT * FROM users WHERE name = 'josh' and password = 'zoe1234'; If the user supplies malicious input like: name (josh) and password (i_dont_know' or 'x'='x), here's the new query: SELECT * FROM users WHERE name = 'josh' and password = 'i_dont_know' or 'x'='x'; This changed query will always return rows and "authenticate" the user despite providing the wrong password. This type of SQL injection is called SQL manipulation.

4 Other types of SQL Injection
Code Injection Adding additional SQL statements or commands to the existing SQL statement by exploiting a computer bug, which is caused by processing invalid data. This is often involves buffer overruns and stack overflows from unexpectedly large input payloads. Function Call Injection: This attack exploits the system-provided functions that many SQL queries invoke to cause unexpected behavior.

5 Risks from SQL Injection
Database fingerprinting: The database response to injection can often reveal information regarding the version of DBMS being used and susceptibility to other attacks. Denial of Service: Malicious queries often take longer to process, allowing a denial of service. Bypassing authentication: Very common problem, where an attacker makes a query succeed despite not having authorization. Identifying injectable parameters: Error message responses (which should be turned off in production databases) can be used to identify the structures within the database vulnerable to attack. Executing remote commands: A remote user can execute stored database procedures and functions leading to control over the entire OS.

6 Solutions to SQL Injection
Bind Variables Use parameterized statements Don't insert raw text into SQL statements, instead use parameters with will be bound to a variable when needed. It is both more performant and more secure. Filtering Input: Validate your input Remove escape characters (like the apostrophe) However, there are many escape characters, so you should use a built in to the database replace function. But even that isn't foolproof so bind your variables instead.

Download ppt "SQL Injection."

Similar presentations

Module XIV SQL Injection

Module XIV SQL Injection
SQL Injection Stephen Frein Comcast.

SQL Injection Stephen Frein Comcast.
Network Security Attack Analysis. cs490ns - cotter2 Outline Types of Attacks Vulnerabilities Exploited Network Attack Phases Attack Detection Tools.

Network Security Attack Analysis. cs490ns - cotter2 Outline Types of Attacks Vulnerabilities Exploited Network Attack Phases Attack Detection Tools.
Principles of Computer Security: CompTIA Security + ® and Beyond, Third Edition © 2012 Principles of Computer Security: CompTIA Security+ ® and Beyond,

Principles of Computer Security: CompTIA Security + ® and Beyond, Third Edition © 2012 Principles of Computer Security: CompTIA Security+ ® and Beyond,
Understand Database Security Concepts

Understand Database Security Concepts
WebGoat & WebScarab “What is computer security for $1000 Alex?”

WebGoat & WebScarab “What is computer security for $1000 Alex?”
How Did I Steal Your Database Mostafa

How Did I Steal Your Database Mostafa
ITEC403 Graduation Project Applications’ Security – Cem Yağlı.

ITEC403 Graduation Project Applications’ Security – Cem Yağlı.
Introduction The concept of “SQL Injection”

Introduction The concept of “SQL Injection”
By Brian Vees.  SQL Injection  Username Enumeration  Cross Site Scripting (XSS)  Remote Code Execution  String Formatting Vulnerabilities.

By Brian Vees.  SQL Injection  Username Enumeration  Cross Site Scripting (XSS)  Remote Code Execution  String Formatting Vulnerabilities.
Information Networking Security and Assurance Lab National Chung Cheng University 1 Top Vulnerabilities in Web Applications (I) Unvalidated Input:  Information.

Information Networking Security and Assurance Lab National Chung Cheng University 1 Top Vulnerabilities in Web Applications (I) Unvalidated Input:  Information.
SQL Injection and Buffer overflow

SQL Injection and Buffer overflow
Sara SartoliAkbar Siami Namin NSF-SFS workshop July 14-18, 2014.

Sara SartoliAkbar Siami Namin NSF-SFS workshop July 14-18, 2014.
Dec 13 th CS555 presentation1 Yiwen Wang --“Securing the DB may be the single biggest action an organization can take to protect its assets” David C. Knox.

Dec 13 th CS555 presentation1 Yiwen Wang --“Securing the DB may be the single biggest action an organization can take to protect its assets” David C. Knox.
Hamdi Yesilyurt, MA Student in MSDF & PhD-Public Affaris SQL Riji Jacob MS Student in Computer Science.

Hamdi Yesilyurt, MA Student in MSDF & PhD-Public Affaris SQL Riji Jacob MS Student in Computer Science.
(CPSC620) Sanjay Tibile Vinay Deore. Agenda  Database and SQL  What is SQL Injection?  Types  Example of attack  Prevention  References.

(CPSC620) Sanjay Tibile Vinay Deore. Agenda  Database and SQL  What is SQL Injection?  Types  Example of attack  Prevention  References.
CSCI 6962: Server-side Design and Programming Secure Web Programming.

CSCI 6962: Server-side Design and Programming Secure Web Programming.
Web Application Access to Databases. Logistics Test 2: May 1 st (24 hours) Extra office hours: Friday 2:30 – 4:00 pm Tuesday May 5 th – you can review.

Web Application Access to Databases. Logistics Test 2: May 1 st (24 hours) Extra office hours: Friday 2:30 – 4:00 pm Tuesday May 5 th – you can review.
Computer Security and Penetration Testing

Computer Security and Penetration Testing
Lecture 16 Page 1 CS 236 Online SQL Injection Attacks Many web servers have backing databases –Much of their information stored in a database Web pages.

Lecture 16 Page 1 CS 236 Online SQL Injection Attacks Many web servers have backing databases –Much of their information stored in a database Web pages.

Similar presentations

Ads by Google