SQL INJECTION ATTACKS.

Presentation on theme: "SQL INJECTION ATTACKS."— Presentation transcript:

1 SQL INJECTION ATTACKS

2 SQL injection is the ability to inject SQL commands into the database engine through an existing application. The attack is possible when the programmers who write the code behind a page neglect to properly escape the strings that are used in SQL queries. Programs commonly build SQL queries this way to check values. For example, the SQL statement: will return one row if the given user/password combination exists in the table users.

3 How to find out which server is at work: before breaking into a site, an attacker needs to know which SQL engine is at the back end. If the site's pages have extensions like .asp or .aspx, there is a high chance of SQL Server or MS Access. If the pages end in .jsp, it could be an Oracle system. If the pages end in .php, the guess is MySQL.

4 For example, if the web application is not well designed (not coded well), attackers may read and alter the data present in the database. Instead of entering a username and password, the attacker enters a query to get information out of the database.

5 Example: if you enter the string ' OR ''=' as both the user name and the password, the WHERE clause always returns true. Without knowing any user names or passwords you can bypass the login screen; in this example you get the user name of the first person in the table.
    SELECT name FROM users WHERE name='name' AND password='password'   (actual query)
    SELECT name FROM users WHERE name='' OR ''='' AND password='' OR ''=''   (the trailing OR ''='' is true for every row, so the attacker is let in)
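The login query above, run both ways against a small in-memory SQLite table. This is an added example, not code from the presentation: the users table and its two rows are constructed here, and the function names are my own. It shows that the same ' OR ''=' input returns the first row when the query is built by string concatenation, and returns nothing when the values are passed as parameters (the fix the later slides recommend).

```python
import sqlite3

PAYLOAD = "' OR ''='"  # the string from the slide, used as both user name and password


def make_db():
    # Constructed sample data standing in for the slide's "users" table.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, password TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)",
                     [("alice", "s3cret"), ("bob", "hunter2")])
    return conn


def login_vulnerable(conn, name, password):
    # The slide's pattern: user input is pasted into the SQL text, so quotes
    # in the input change the structure of the WHERE clause.
    sql = ("SELECT name FROM users WHERE name='" + name +
           "' AND password='" + password + "'")
    row = conn.execute(sql).fetchone()
    return row[0] if row else None


def login_parameterized(conn, name, password):
    # Placeholders: the driver sends the values separately from the SQL text,
    # so they are compared as data and never parsed as SQL.
    sql = "SELECT name FROM users WHERE name=? AND password=?"
    row = conn.execute(sql, (name, password)).fetchone()
    return row[0] if row else None


if __name__ == "__main__":
    db = make_db()
    print("vulnerable, real credentials:", login_vulnerable(db, "alice", "s3cret"))
    print("vulnerable, payload:", login_vulnerable(db, PAYLOAD, PAYLOAD))
    print("parameterized, real credentials:", login_parameterized(db, "alice", "s3cret"))
    print("parameterized, payload:", login_parameterized(db, PAYLOAD, PAYLOAD))
```

With the payload, the vulnerable version evaluates name='' OR (''='' AND password='') OR ''='', which is true for every row, so it returns the first user; the parameterized version looks for a user literally named ' OR ''=' and finds none.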

6 In some cases we don't know the name of the table or the column names, but we can use the same techniques to find them out. We first need the name of the database that is being used; the function DATABASE() returns that value (but you have to guess at it as before). When we know the name of the database, we can get the names of its tables.

7 Known real-world examples:
On November 1, 2005, a high school student used SQL injection to break into the site of a Taiwanese information security magazine from the Tech Target group and steal customers' information. On August 17, 2009, the United States Justice Department charged an American citizen, Albert Gonzalez, and two unnamed Russians with the theft of 130 million credit card numbers using an SQL injection attack. On July 24-26, 2010, attackers from within Japan and China used SQL injection to gain access to customers' credit card data from Neo Beat, an Osaka-based company that runs a large online supermarket site.

8 One more cause for injection: metadata.
Almost all SQL databases are based on the relational database model (RDBM). One fact that matters for SQL injection, from Codd's 12 rules for a truly relational database system: metadata (data about the database) must be stored in the database just like regular data. Therefore the database structure can also be read and altered with SQL queries.

9 The common attacks are:
finding out the tables in a database; finding out the column names in a database; using the ORDER BY clause to find out the number of columns used in the database.

10 Preventing SQL injection:
The various techniques used to prevent SQL injection are: parameterized queries; stored procedures; regular expressions that discard invalid input strings; hiding detailed error messages from the user; giving your application a less privileged user/role in the database; etc.

11 Conclusion: protecting against SQL injection requires strong design, correct input validation, etc.
