Example – SQL Injection

Presentation on theme: "Example – SQL Injection"— Presentation transcript:

1 Example – SQL Injection

MySQL & PHP code:

    // The next instruction prompts the user to supply an ID
    $personID = getIDstringFromUser();
    // The user-supplied string is concatenated straight into the SQL text
    $sqlQuery = "SELECT * FROM Users WHERE userID = " . $personID;

What if the user supplies the following string for $personID?

The resulting string assigned to $sqlQuery is:

    SELECT * FROM Users WHERE userID = _________

What if the user supplies the following string for $personID?

Please check out OWASP.
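The following added example (not part of the slides) reproduces the situation on this slide in Python with an in-memory SQLite table standing in for the MySQL Users table. It contrasts the slide's string concatenation with two defences named later in the deck: pattern matching plus bounds checking on the input, and passing the value to the driver as a bound parameter instead of as SQL text. The table contents and the sample inputs are constructed for the example.

```python
import re
import sqlite3

def build_db() -> sqlite3.Connection:
    # Constructed sample data standing in for the slide's Users table.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE Users (userID INTEGER PRIMARY KEY, name TEXT, role TEXT)")
    conn.executemany("INSERT INTO Users VALUES (?, ?, ?)", [
        (1, "alice", "admin"),
        (2, "bob", "user"),
        (3, "carol", "user"),
    ])
    return conn

def lookup_vulnerable(conn: sqlite3.Connection, person_id: str) -> list:
    # Mirrors the slide: the raw user string becomes part of the statement,
    # so the user controls the SQL the database server ultimately executes.
    sql = "SELECT * FROM Users WHERE userID = " + person_id
    return conn.execute(sql).fetchall()

def lookup_bound(conn: sqlite3.Connection, person_id: str) -> list:
    # Parameter binding alone: the string is sent as a value, never parsed as SQL.
    # A non-numeric string simply fails to match any integer userID.
    return conn.execute("SELECT * FROM Users WHERE userID = ?", (person_id,)).fetchall()

# Pattern matching: a user ID is one to nine ASCII digits, nothing else.
ID_PATTERN = re.compile(r"[0-9]{1,9}")

def lookup_safe(conn: sqlite3.Connection, person_id: str) -> list:
    # Validate the shape of the input first, then bound-check the numeric value,
    # then bind the integer as a parameter. Bad input is rejected loudly.
    if not ID_PATTERN.fullmatch(person_id):
        raise ValueError("user ID must be 1-9 digits")
    uid = int(person_id)
    if not 1 <= uid <= 999_999_999:
        raise ValueError("user ID out of range")
    return conn.execute("SELECT * FROM Users WHERE userID = ?", (uid,)).fetchall()

if __name__ == "__main__":
    db = build_db()
    tautology = "2 OR 1=1"  # constructed input that turns the WHERE clause into "always true"
    print("vulnerable, honest input :", lookup_vulnerable(db, "2"))
    print("vulnerable, tautology    :", lookup_vulnerable(db, tautology))
    print("bound parameter          :", lookup_bound(db, tautology))
    print("validated + bound        :", lookup_safe(db, "2"))
    try:
        lookup_safe(db, tautology)
    except ValueError as err:
        print("validated + bound        : rejected ->", err)
```

Run it and the concatenated query returns every row for the tautology while the bound query returns none; the validated version refuses the input before any SQL is built, which is the behaviour you want logged and alerted on rather than silently returning an empty result.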

2 Input Validation – HOW?

- _________ : user input controls SQL statements ultimately executed by a database server
- _____________________ : attacker sends malicious values via URL parameters

3 Input Validation – common associated risks

- ____________ : user input controls file location (the "double-dot attack")
- _____________ : user input controls file naming in such a way as to get a program to read, write or delete files that should be protected
- Denial of Service: user input causes the application to consume excessive resources or simply stop executing due to unacceptable input
- _____________ : user input leads to revealing confidential information that can be used as part of a more sophisticated attack
- Buffer Overflows: user input exceeds limits in a way that allows the attacker to control application behavior
- _____________ : user input injects commands, often via meta-characters, that cause a server to perform unintended functions

4 Cross Site Scripting (XSS)

more common associated risks

- Cross Site Scripting (XSS): user input injects HTML or script commands into a Web application, causing the Web application to breach its security

Example page (whatever is typed into the box is written straight into the document):

    <html>
    <head>
    <title>My Javascript Page</title>
    </head>
    <body>
    type your name here >>> <input type="text" id="userInput">
    <button onclick="buttonHandler()">Submit</button>
    <script>
    var thing = "blah";
    function buttonHandler() {
        var stuff = document.getElementById("userInput").value;
        document.write(stuff);   // unescaped user input reaches the page
    }
    </script>
    </body>
    </html>

5 Input Validation – still more common associated risks

- ______________ : user input injects commands, often via meta-characters, that cause a server to perform unintended functions
- Buffer Overflows: user input exceeds limits in a way that allows the attacker to control application behavior

6 Before Mitigation

Step 1 -
- user interface
- files
- parameters of externally-invoked methods
- network sockets/ports
- network certificates
- URLs (passed to Web servers)
- cookies

Step 2 -

Step 3 -

7 Mitigation Techniques

- Bounds Checking
- Pattern Matching
- Data Reflecting
- Sanitizing
- Double Decoding
- Escaping Text
- Full Syntactic Analysis
- Exception Handling

8 Escaping Text

Escaping individual characters is a particularly effective way of mitigating XSS.

    Character    Equivalent HTML escape
    "            &#34;
    #            &#35;
    &            &#38;
    '            &#39;
    (            &#40;
    )            &#41;
    /            &#47;
    ;            &#59;
    <            &#60;
    >            &#62;

Use prepackaged best-practice sanitization.
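As an added example that is not part of the slides, the Python below implements the escape table from this slide and applies it to the "type your name here" page from slide 4. It renders the same greeting twice, once with the typed value written through unchanged (the slide's document.write behaviour) and once escaped, then uses the standard-library HTML parser to show that the escaped version contains no injected element. The markup, the function names and the sample input are constructed for this example.

```python
from html.parser import HTMLParser

# The slide's table: character -> numeric character reference.
HTML_ESCAPES = {
    '"': "&#34;", "#": "&#35;", "&": "&#38;", "'": "&#39;",
    "(": "&#40;", ")": "&#41;", "/": "&#47;", ";": "&#59;",
    "<": "&#60;", ">": "&#62;",
}

def escape_html(text: str) -> str:
    # Single pass, character by character: each listed character is replaced by its
    # reference and everything else passes through. One pass means "&" is never
    # escaped twice, which is the usual bug in hand-rolled escapers.
    return "".join(HTML_ESCAPES.get(ch, ch) for ch in text)

def render_greeting(user_input: str, escape: bool = True) -> str:
    # Models the slide-4 page: the value from the input box is written into the document.
    # escape=False reproduces document.write(stuff); escape=True is the mitigated form.
    body = escape_html(user_input) if escape else user_input
    return "<p>Hello, " + body + "</p>"

class TagCollector(HTMLParser):
    # Records every start tag the browser-side parser would see in a fragment.
    def __init__(self) -> None:
        super().__init__()
        self.tags: list[str] = []

    def handle_starttag(self, tag: str, attrs) -> None:
        self.tags.append(tag)

def tags_in(fragment: str) -> list[str]:
    # Parse a rendered fragment and return the element names it creates, in order.
    collector = TagCollector()
    collector.feed(fragment)
    collector.close()
    return collector.tags

if __name__ == "__main__":
    # Constructed input: a script element typed into the name box.
    typed = "<script>alert('hi')</script>"
    raw = render_greeting(typed, escape=False)
    safe = render_greeting(typed)
    print("unescaped:", raw, "->", tags_in(raw))
    print("escaped  :", safe, "->", tags_in(safe))
```

The parser sees a p element and a script element in the unescaped output but only the p element in the escaped one; the typed text is still displayed to the user, just as literal characters. In production, reach for the escaping routine your framework or templating engine already ships rather than a table like this one, as the slide's last line advises.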
