Example – SQL Injection


Example – SQL Injection

MySQL & PHP code:

// The next instruction prompts the user to supply an ID
$personID = getIDstringFromUser();
// String concatenation: whatever the user typed becomes part of the SQL text
$sqlQuery = "SELECT * FROM Users WHERE userID = " . $personID;

What if the user supplies the following string for $personID?

The resulting string assigned to $sqlQuery is

SELECT * FROM Users WHERE userID = _________

What if the user supplies the following string for $personID?

Please check out OWASP
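As an added, runnable illustration of the slide above (not part of the original slides), here is the same lookup ported to Python with an in-memory SQLite database. The Users table, its three rows and the "user-supplied" strings are all constructed for the demonstration. lookup_vulnerable() concatenates exactly as the slide's PHP does; lookup_safe() binds the value as a query parameter; validate_id() is the allow-list check the later input-validation slides call for.

```python
import re
import sqlite3


def make_db():
    """Constructed sample database standing in for the slide's Users table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE Users (userID INTEGER, name TEXT, role TEXT)")
    conn.executemany(
        "INSERT INTO Users VALUES (?, ?, ?)",
        [(1, "alice", "admin"), (2, "bob", "user"), (3, "carol", "user")],
    )
    return conn


def lookup_vulnerable(conn, person_id):
    """Builds the query by string concatenation, as on the slide.
    Whatever the user typed is parsed as part of the SQL grammar."""
    sql = "SELECT * FROM Users WHERE userID = " + person_id
    return conn.execute(sql).fetchall()


def lookup_safe(conn, person_id):
    """Binds the value as a parameter: the driver hands it to the engine as
    data, so it can never change the shape of the statement."""
    return conn.execute(
        "SELECT * FROM Users WHERE userID = ?", (person_id,)
    ).fetchall()


def validate_id(person_id):
    """Allow-list validation: a userID is a string of ASCII decimal digits
    and nothing else.  Anything with spaces, quotes or keywords is rejected
    before it gets anywhere near the database."""
    if not re.fullmatch(r"[0-9]+", person_id):
        raise ValueError("userID must be a decimal integer: %r" % (person_id,))
    return int(person_id)


if __name__ == "__main__":
    conn = make_db()
    # Honest input: both paths return Bob's row.
    print(lookup_vulnerable(conn, "2"))
    print(lookup_safe(conn, "2"))
    # Tautology payload.  The concatenated query becomes
    #   SELECT * FROM Users WHERE userID = 1 OR 1=1
    # and returns every row; the parameterized query compares the column
    # against the literal text '1 OR 1=1' and returns nothing.
    print(lookup_vulnerable(conn, "1 OR 1=1"))
    print(lookup_safe(conn, "1 OR 1=1"))
    # UNION payload: pulls the schema out of sqlite_master through the same
    # SELECT, the classic first step of enumerating a database.
    print(lookup_vulnerable(conn, "0 UNION SELECT 1, sql, 1 FROM sqlite_master"))
    try:
        validate_id("1 OR 1=1")
    except ValueError as err:
        print("rejected:", err)
```

Parameter binding alone stops the injection; the validate_id() check is still worth keeping in front of it, because it rejects the malformed input early with a clear error instead of letting it reach the database as a string that silently matches nothing.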

Input Validation – HOW?

_________ : user input controls SQL statements ultimately executed by a database server
http://www.tizag.com/mysqlTutorial/mysql-php-sql-injection.php

_____________________ : attacker sends malicious values via URL parameters
https://www.owasp.org/index.php/Web_Parameter_Tampering

Input Validation – common associated risks

- ____________ : user input controls file location (the "double-dot attack")
- _____________ : user input controls file naming in such a way as to get a program to read, write or delete files that should be protected
- Denial of Service: user input causes the application to consume excessive resources or simply stop executing because of unacceptable input
- _____________ : user input leads to revealing confidential information that can be used as part of a more sophisticated attack
- Buffer Overflows: user input exceeds limits in a way that allows the attacker to control application behavior
- _____________ : user input injects commands, often via meta-characters, that cause a server to perform unintended functions
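The first item in the list, user input controlling a file location, is the one most often mishandled with a string check for ".." that an encoded or re-decoded path slips past. The following added example (Python, not from the slides) shows the check a practitioner actually wants: decode the input exactly once, canonicalize the joined path, and compare the result against the allowed base directory. BASE_DIR and every request string are constructed for the demonstration.

```python
import os
from urllib.parse import unquote

# Constructed: the only directory the application is allowed to serve from.
BASE_DIR = "/srv/app/files"


def safe_join(base_dir, user_path):
    """Resolve a user-supplied relative path under base_dir and refuse anything
    that ends up outside it.  Returns the absolute target path, or None if the
    request is rejected."""
    # Decode exactly once.  A second unquote() would turn %252e%252e into "..",
    # which is the double-decoding mistake listed among the later techniques.
    decoded = unquote(user_path)
    # Absolute paths and NUL bytes never come from a legitimate link.
    if decoded.startswith(("/", "\\")) or "\x00" in decoded:
        return None
    base = os.path.realpath(base_dir)
    # realpath() collapses every "." and ".." segment and follows symlinks where
    # the path exists, so the containment check runs on the final target rather
    # than on the text the attacker typed.
    target = os.path.realpath(os.path.join(base, decoded))
    if os.path.commonpath([base, target]) != base:
        return None
    return target


if __name__ == "__main__":
    for request in (
        "docs/report.txt",                      # normal request
        "docs/../docs/report.txt",              # harmless ".." that stays inside
        "../../../etc/passwd",                  # plain double-dot traversal
        "%2e%2e/%2e%2e/%2e%2e/etc/passwd",      # URL-encoded dots, caught after decoding
        "%252e%252e/etc/passwd",                # double-encoded: decoded once, stays a literal name
        "/etc/passwd",                          # absolute path
    ):
        print("%-36s -> %s" % (request, safe_join(BASE_DIR, request)))
```

Note that the check compares canonical paths, not substrings: "/srv/app/files-old/secret" would fail a naive startswith("/srv/app/files") test's intent but is correctly rejected by commonpath().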

Cross Site Scripting (XSS) – more common associated risks

Cross Site Scripting (XSS): user input injects HTML or script commands into the Web application, causing the Web application to breach its security
http://www.acunetix.com/websitesecurity/xss.htm

<html>
<head>
<title>My Javascript Page</title>
</head>
<body>
type your name here >>> <input type="text" id="userInput">
<button onclick="buttonHandler()">Submit</button>
<script>
var thing = "blah";
function buttonHandler() {
  // Deliberately vulnerable: the raw input value is written straight into
  // the document, so any HTML or script the user types is rendered as such
  var stuff = document.getElementById("userInput").value;
  document.write(stuff);
}
</script>
</body>
</html>

Before Mitigation

Step 1 –
- user interface
- files
- parameters of externally-invoked methods
- network sockets/ports
- network certificates
- URLs (passed to Web servers)
- cookies

Step 2 –

Step 3 –

Mitigation Techniques

- Bounds Checking
- Pattern Matching
- Data Reflecting
- Sanitizing
- Double Decoding
- Escaping Text
- Full Syntactic Analysis
- Exception Handling

Escaping Text

Escaping individual characters is a particularly effective way of mitigating XSS.

Character   Equivalent HTML escape
"           &#34;
#           &#35;
&           &#38;
'           &#39;
(           &#40;
)           &#41;
/           &#47;
;           &#59;
<           &#60;
>           &#62;

The escape set has to match the context the text lands in (HTML body, attribute value, JavaScript string, URL); escaping chosen for one context does not protect another. Use prepackaged, best-practice sanitization rather than hand-written escaping:
https://www.owasp.org/index.php/SQL_Injection_Prevention_Cheat_Sheet