07 December 2009, Slide 1 of 12: SQL Injection Primer. By Nicole Gray, Cliff McCullough, Joe Hernandez.

Presentation transcript:

Slide 1 of 12: SQL Injection Primer. By Nicole Gray, Cliff McCullough, Joe Hernandez

Slide 2 of 12: Agenda
1. Overview of SQL Injection
2. Elaboration
3. Detection
4. Prevention
5. Wrap-up

Slide 3 of 12: Vulnerability
Input access to a database
Outsider exploit
Insider exploit
Trust no one

Slide 4 of 12: Relational Database

Slide 5 of 12: Example Exploit

Slide 6 of 12: Google Hacking
Use the Google search engine to identify information or web sites with poor security practices. Advanced operators aid the search:
◦ intitle: restricts the search to text in the title of the page. Ex. intitle: SQL
◦ allintitle: similar to the intitle operator, but allows concatenation of keywords in the title search. Ex. allintitle: SQL Password (the same as intitle: SQL intitle: Password)
◦ inurl:, allinurl: search for keywords in the URL. Ex. inurl: login.aspx
◦ site: narrows the search to a specific site or domain, such as uccs.edu or .gov. Ex. site:.uccs.edu
◦ filetype: searches for a specific file type such as doc, php, cgi, or aspx. Ex. filetype:aspx (do not include the dot in the file type, as in .doc)
◦ intext: identifies keywords in the text of the web page. Ex. intext: SQL Injection

Slide 7 of 12: Types of SQL Injection
Three types:
◦ Inband: same user interface, i.e. the web page
◦ Out-of-band: a different communications channel
◦ Inferential: can't see the results of the injection, i.e. blind SQL injection
Error based: asking the database questions
◦ a' or 'a' = 'a
◦ The answer may be returned as an error
Union based: combines the results of two SQL statements
◦ SELECT * from lastname UNION SELECT * from office
Blind: asks the database true and false questions; may not see specific results
◦ Interrupt or deduce results
◦ Game of 20 questions

Slide 8 of 12: SQL Injection Tools
SQL Map*: a tool that aids in the fingerprinting of a backend database
SQL Ninja*
◦ Aids in the exploitation of SQL injection vulnerabilities; can provide root-level command access to the system
Automagic SQL Injector*
◦ Designed to work with a generic installation of MS SQL
◦ Videos on SQL injection can be found on the internet; one great source
*Source: EC Council Certified Ethical Hacker Volume 3 Chapter 19

Slide 9 of 12: Detection
Application layer firewalls
◦ Inspect each packet and decide whether to pass or reject it
◦ Easier to update firewall rules than to update application program code
Intrusion Detection System (IDS)
◦ Network-based, systems-based, host-based
◦ Compares packets to known signatures
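As an added illustration of the signature matching this slide describes (not code from the original deck), the Python snippet below URL-decodes the request line from a few constructed access-log entries and matches them against rules for the tautology and UNION patterns named on the Types slide; the log lines, client addresses and rule names are assumptions made for the example.

```python
import re
from urllib.parse import unquote_plus

# Constructed sample access-log lines (hypothetical, not from the slides).
SAMPLE_LOG = """\
203.0.113.5 - - [07/Dec/2009:10:01:02 -0700] "GET /login.aspx?user=alice&pw=secret HTTP/1.1" 200 512
203.0.113.9 - - [07/Dec/2009:10:01:09 -0700] "GET /login.aspx?user=a%27+or+%27a%27%3D%27a&pw=x HTTP/1.1" 200 9120
203.0.113.9 - - [07/Dec/2009:10:01:15 -0700] "GET /search.aspx?q=x%27+UNION+SELECT+*+FROM+office-- HTTP/1.1" 500 301
198.51.100.7 - - [07/Dec/2009:10:02:00 -0700] "GET /search.aspx?q=O%27Brien HTTP/1.1" 200 880
"""

# Signatures in the spirit of an IDS / application-layer firewall rule set.
# Each is applied to the URL-decoded request, since "%27" is what hits the wire.
SIGNATURES = {
    # a' or 'a'='a style tautology: quote, OR, quoted value, =, quoted value
    "tautology": re.compile(r"'\s*or\s*'\w*'\s*=\s*'\w*", re.IGNORECASE),
    # a second SELECT spliced onto the application's own query
    "union_select": re.compile(r"\bunion\s+select\b", re.IGNORECASE),
    # SQL comment sequence used to discard the rest of the original query
    "comment_seq": re.compile(r"--|/\*"),
}

# Common log format: client IP first, the request line in double quotes.
REQUEST = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(?:GET|POST) (\S+) HTTP/')

def scan_line(line):
    """Return the names of the signatures the decoded request matches ([] if none)."""
    m = REQUEST.match(line)
    if not m:
        return []
    decoded = unquote_plus(m.group(2))
    return [name for name, rx in SIGNATURES.items() if rx.search(decoded)]

def scan_log(text):
    """Return (client_ip, [signature names]) for every line that triggers a signature."""
    hits = []
    for line in text.splitlines():
        rules = scan_line(line)
        if rules:
            hits.append((line.split(" ", 1)[0], rules))
    return hits

if __name__ == "__main__":
    for ip, rules in scan_log(SAMPLE_LOG):
        print(ip, rules)
```

The O'Brien request is deliberately left unflagged: a rule that fires on any apostrophe would drown the alert queue in legitimate names, which is why the tautology signature also requires the OR and the comparison.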

Slide 10 of 12: Prevention
Mitigate the risk
Review web applications, program code, and back-end system design
SQL queries should use parameterization or stored procedures
Validate user input
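As an added example (not code from the original slides), the Python snippet below runs the tautology from the Types slide, a' or 'a'='a, against a string-concatenated query on an in-memory SQLite table, then shows the parameterized query and the input-validation whitelist recommended here defeating it; the staff table, its rows and the function names are constructed for the illustration.

```python
import re
import sqlite3

# Constructed sample data in an in-memory SQLite database (hypothetical, not from the slides).
conn = sqlite3.connect(":memory:")
conn.execute("CREATE TABLE staff (lastname TEXT, office TEXT)")
conn.executemany("INSERT INTO staff VALUES (?, ?)",
                 [("Gray", "A101"), ("McCullough", "B202"), ("Hernandez", "C303")])

def lookup_vulnerable(lastname):
    """The 'before' case: user input is concatenated straight into the SQL text.
    a' or 'a'='a closes the string literal and appends an always-true clause,
    so the WHERE filter is bypassed and every row is returned."""
    sql = "SELECT lastname, office FROM staff WHERE lastname = '" + lastname + "'"
    return conn.execute(sql).fetchall()

def lookup_parameterized(lastname):
    """Parameterized query: the driver binds the value separately from the SQL text,
    so a quote in the input is data to compare against, never syntax."""
    sql = "SELECT lastname, office FROM staff WHERE lastname = ?"
    return conn.execute(sql, (lastname,)).fetchall()

# Whitelist for this field: letters, hyphen, apostrophe, at most 40 characters.
# Legitimate names such as O'Brien pass; spaces and "=" are not on the list.
LASTNAME_OK = re.compile(r"^[A-Za-z][A-Za-z'-]{0,39}$")

def validate_lastname(lastname):
    """Input-validation layer: reject anything outside the allowed character set."""
    return LASTNAME_OK.fullmatch(lastname) is not None

def lookup_defended(lastname):
    """Validation plus parameterization, as the Prevention slides recommend."""
    if not validate_lastname(lastname):
        raise ValueError("lastname rejected by whitelist")
    return lookup_parameterized(lastname)

if __name__ == "__main__":
    payload = "a' or 'a'='a"
    print("vulnerable:", lookup_vulnerable(payload))        # every row comes back
    print("parameterized:", lookup_parameterized(payload))  # no such last name: []
    print("validated:", validate_lastname(payload))         # False
```

Note that the concatenated version also fails on an honest O'Brien (the unmatched quote is a syntax error), while the parameterized version simply finds no such row; correctness and safety come from the same change.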

Slide 11 of 12: Prevention continued
Restrict privileges
White lists and black lists

Slide 12 of 12: Wrap-up
SQL Injection is increasing in prevalence
Not possible to absolutely defend against all possible attacks
Risk of attack can be reduced:
◦ Maintain firewalls and intrusion detection / prevention systems
◦ Manage access to queries through parameterization and stored procedures
◦ Always validate user input
◦ Restrict accounts
◦ Use whitelists and blacklists