Preventing MySQL Injection Sonja Parson COSC 5010 Security Presentation April 26, 2005.

Introduction
- Used PHP, MySQL, and HTML for this project
- Can be accessed from the web
- Username and password needed to be secure
- Wanted to protect against SQL injection attacks

MySQL Query Problems
- Regular expression matching
  - Period (.): matches any character (including carriage return and newline)
  - [:alnum:]: matches any alphanumeric character
- Single quote ('): ends the quoted string in a query
  - Whatever follows it in the field is read as SQL, so you can type your own query into the field

Simple Solutions
- Make sure that you limit the length of a parameter
  - Helps prevent someone from sending a query to the database through the username or password fields
- Use secure passwords

A Few Functions (PHP)
- mysql_escape_string()
- mysql_real_escape_string()
- crypt()

mysql_escape_string()
- Escapes a string for use in a MySQL query
- Does not escape % and _
- Does not respect the current charset setting
- Example:

    <?php
    $item = "Sonja's Laptop";
    $escaped_item = mysql_escape_string($item);
    printf("%s\n", $escaped_item);
    ?>

- Would print:

    Sonja\'s Laptop

mysql_real_escape_string()
- Identical to mysql_escape_string(), but is connection oriented
- Takes into account the current charset of the database connection
- Usage:

    mysql_real_escape_string($unescaped_string, $link_to_database);
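The length limit and escaping steps from the previous slides, as an added example that is not code from the original presentation. It assumes a 32-character field limit, and because mysql_real_escape_string() needs a live connection (and no longer exists in PHP 7 and later), escapeForMysql() is a stand-in that escapes the same characters; in real code use mysqli_real_escape_string($link, $value), which also honours the connection charset.

```php
<?php
// Added example, not from the original slides. escapeForMysql() is a stand-in for
// mysql_real_escape_string(): it backslash-escapes the same character set but does
// not know the connection charset, which is exactly why the real function exists.

const MAX_FIELD_LEN = 32; // assumed length limit for the username and password fields

// NUL, newline, carriage return, backslash, single quote, double quote and
// Control-Z each get a backslash prefix. strtr() replaces every position once.
function escapeForMysql(string $value): string
{
    return strtr($value, [
        "\\"   => "\\\\",
        "'"    => "\\'",
        "\""   => "\\\"",
        "\0"   => "\\0",
        "\n"   => "\\n",
        "\r"   => "\\r",
        "\x1a" => "\\Z",
    ]);
}

// Builds the login query the slides describe. Returns null when a field exceeds
// the length limit, so over-long input never reaches the database at all.
function buildLoginQuery(string $user, string $pass, bool $escape = true): ?string
{
    if (strlen($user) > MAX_FIELD_LEN || strlen($pass) > MAX_FIELD_LEN) {
        return null;
    }
    if ($escape) {
        $user = escapeForMysql($user);
        $pass = escapeForMysql($pass);
    }
    return "SELECT id FROM Users WHERE user = '$user' AND pass = '$pass'";
}

$user = "O'Brien"; // constructed input containing the troublesome single quote

// Without escaping the apostrophe closes the string literal, so whatever follows
// it in the field is parsed as SQL instead of as part of the username.
echo buildLoginQuery($user, 'secret', false), "\n";
// With escaping the apostrophe stays inside the literal as ordinary data.
echo buildLoginQuery($user, 'secret'), "\n";
// Over-long input is rejected before a query is even built.
var_dump(buildLoginQuery(str_repeat('a', MAX_FIELD_LEN + 1), 'secret'));
```

Parameterised queries (mysqli or PDO prepared statements) avoid assembling SQL from strings altogether and are the usual choice today.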

crypt()
- crypt() is a one-way string encryption (hashing) function
- Uses the standard DES-based encryption scheme
- Uses the string and a salt to encrypt the string
- If the salt is not provided, one is randomly generated by PHP each time the function is called
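Storing and checking a password with crypt() in the DES scheme the slide describes, as an added example that is not code from the original presentation. The salt generator, the sample password and the function names are assumptions for illustration.

```php
<?php
// Added example, not from the original slides: the stored crypt() value begins with
// the salt, so a login check re-runs crypt() with the stored hash as the salt
// argument and compares the two results.

// Two-character salt drawn from the alphabet standard DES crypt accepts.
function makeDesSalt(): string
{
    $alphabet = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
    $salt = '';
    for ($i = 0; $i < 2; $i++) {
        $salt .= $alphabet[random_int(0, strlen($alphabet) - 1)];
    }
    return $salt;
}

// At registration: store only the crypt() output, never the plaintext.
// Caveat: standard DES crypt uses only the first 8 characters of the password.
function hashPassword(string $password): string
{
    return crypt($password, makeDesSalt());
}

// At login: crypt() takes its salt from the first two characters of $stored,
// so the output equals $stored only for the right password. hash_equals()
// compares the two strings in constant time.
function checkPassword(string $password, string $stored): bool
{
    return hash_equals($stored, crypt($password, $stored));
}

$stored = hashPassword('correct horse'); // constructed sample password
var_dump(strlen($stored) === 13);         // standard DES crypt output is 13 characters
var_dump(checkPassword('correct horse', $stored));
var_dump(checkPassword('wrong horse', $stored));
```

password_hash() and password_verify() are the modern replacements for this pattern and use a far slower hash than DES.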

Conclusion
- By using the aforementioned functions, you can secure your database from unwanted attacks (assuming you wrote good enough code)
- Websites are easy to hack when you have the source code
- The website is secure from SQL injection attacks
- SQL injection attacks are easy to do, but can also be easily guarded against