SQL Injection.

Presentation transcript:

SQL Injection

Common Attacks on Databases

- Unauthorized Privilege Escalation: individuals attempting to increase their privileges by attacking vulnerable points in the DBMS.
- Privilege Abuse: authorized users accessing or modifying data in an unauthorized way. Example: a TA lowering the grades of students they dislike.
- Denial of Service: an attempt to make database resources unavailable to intended users. Often a general attack that attempts to consume network, data, or processing resources through excessive or expensive queries.
- Weak Authentication: impersonating an authorized user to gain access (password stealing / phishing).

SQL Injection

This attack involves a malicious user providing unexpected input that modifies the SQL query so that it performs unintended actions. Let's imagine a simple authentication procedure that asks a user for a name (josh) and a password (zoe1234) and checks whether such an entry exists in the database:

    SELECT * FROM users WHERE name = 'josh' and password = 'zoe1234';

If the user supplies malicious input, such as the name josh and the password i_dont_know' or 'x'='x, the query becomes:

    SELECT * FROM users WHERE name = 'josh' and password = 'i_dont_know' or 'x'='x';

Because the OR clause is always true, this changed query always returns rows and "authenticates" the user despite the wrong password. This type of SQL injection is called SQL manipulation.

Other types of SQL Injection

- Code Injection: adding additional SQL statements or commands to the existing SQL statement by exploiting a computer bug caused by processing invalid data. This often involves buffer overruns and stack overflows triggered by unexpectedly large input payloads.
- Function Call Injection: this attack exploits the system-provided functions that many SQL queries invoke in order to cause unexpected behavior.

Source: http://www.informationsecuritybuzz.com/articles/detecting-and-investigating-sql-injection-attacks/

Risks from SQL Injection

- Database fingerprinting: the database's response to injection can often reveal the version of the DBMS in use and its susceptibility to other attacks.
- Denial of Service: malicious queries often take longer to process, enabling a denial of service.
- Bypassing authentication: a very common problem, where an attacker makes a query succeed despite not having authorization.
- Identifying injectable parameters: error message responses (which should be turned off in production databases) can be used to identify the structures within the database that are vulnerable to attack.
- Executing remote commands: a remote user can execute stored database procedures and functions, which can lead to control over the entire OS.

Solutions to SQL Injection

- Bind Variables: use parameterized statements. Don't insert raw text into SQL statements; instead use parameters that will be bound to variables when the statement is executed. This is both more performant and more secure.
- Filtering Input: validate your input and remove escape characters (like the apostrophe). However, there are many escape characters, so you should use the database's built-in replace/quoting function rather than writing your own. Even that isn't foolproof, so bind your variables instead.
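The manipulated login query from the slides and the bind-variable fix, worked through as an added example (not part of the original presentation) using Python's sqlite3 driver; the in-memory users table and the josh / zoe1234 row are constructed from the slide's values:

```python
import sqlite3

# Constructed sample data mirroring the slide's example user (josh / zoe1234).
# Plaintext passwords are kept only so the query matches the slide;
# real systems store password hashes.
def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, password TEXT)")
    conn.execute("INSERT INTO users VALUES ('josh', 'zoe1234')")
    conn.commit()
    return conn

def login_vulnerable(conn, name, password):
    # The slide's flawed pattern: user input is spliced into the SQL text,
    # so a quote in the input changes the query's logic (SQL manipulation).
    query = ("SELECT * FROM users WHERE name = '" + name +
             "' and password = '" + password + "';")
    return conn.execute(query).fetchone() is not None

def login_safe(conn, name, password):
    # Bind variables: the query shape is fixed and the '?' placeholders are
    # bound by the driver, so the input is only ever compared as data.
    query = "SELECT * FROM users WHERE name = ? and password = ?"
    return conn.execute(query, (name, password)).fetchone() is not None

def demo():
    conn = make_db()
    bogus = "i_dont_know' or 'x'='x"   # the slide's manipulated password input
    return {
        "correct_vulnerable": login_vulnerable(conn, "josh", "zoe1234"),
        "bogus_vulnerable": login_vulnerable(conn, "josh", bogus),  # True: bypassed
        "correct_safe": login_safe(conn, "josh", "zoe1234"),
        "bogus_safe": login_safe(conn, "josh", bogus),              # False: rejected
    }

if __name__ == "__main__":
    for check, result in demo().items():
        print(check, result)
```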