
1 SQL Injection Josh Mann

2 What is SQL Injection
• SQL injection is a technique for exploiting web applications that use client-supplied data in SQL queries without stripping potentially harmful characters first.

3 What applications are at risk
• CGI
• PHP
• ASP
• JSP
• etc

4 Viewing the Source
• 'COSC 1200 '
• Checking Grades
• Username:
• Password:
• Submit

5 Some SQL Injection True Statements
• ' or 1=1--
• " or 1=1--
• or 1=1--
• ' or 'a'='a
• " or "a"="a
• ') or ('a'='a
• And many more I am sure

6 Remote Execution Example
• '; exec master..xp_cmdshell 'ping 10.10.1.2'--
The '; will end the current statement, allowing whatever else follows to be executed (shutdown, delete, update, etc)

7 Value of error statements
• No Table named ‘Users’
Useful when trying to learn about the database and how it is built (describe and show)

8 Company vulnerabilities
• Over 50% of companies may be vulnerable to this type of attack
• Easy to protect against
• Easy to learn

9 Why Do We Care
• Allows access to protected and private information
• Cost to business
• Possible loss of information

10 Inspiration for this topic
• COSC 1200 website for displaying students' grades.
Designed in PHP
Using regular expression matching for password verification
Not validating user input before attempting to use it in SQL query

11 Known Exploit
• Attempted to produce my own SQL injection statements to break this application but ran short on time.
• Found 1 known exploit in the password matcher (used a regular expression as password)
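
Added example (not part of the presentation and not the COSC 1200 application's code): a small Python/sqlite3 model of the two flaws named on slides 10 and 11, next to a hardened lookup. The table layout, function names, sample rows and the way the password is used as a pattern are assumptions made for illustration.

```python
import hashlib
import hmac
import re
import sqlite3

SALT = b"constructed-demo-salt"  # constructed; real systems use a random per-user salt

def pw_hash(password):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), SALT, 50_000).hex()

def make_db():
    """In-memory database with constructed sample rows (not data from the slides)."""
    db = sqlite3.connect(":memory:")
    # SQLite evaluates `X REGEXP Y` by calling regexp(Y, X); supply that function.
    db.create_function("REGEXP", 2, lambda pat, val: re.search(pat, val) is not None)
    db.execute("CREATE TABLE students (username TEXT, password TEXT, pw_hash TEXT, grade TEXT)")
    for user, pw, grade in [("alice", "s3cret", "A-"), ("bob", "hunter2", "C+")]:
        db.execute("INSERT INTO students VALUES (?, ?, ?, ?)", (user, pw, pw_hash(pw), grade))
    return db

def grades_vulnerable(db, username, password):
    # Flawed: input becomes part of the SQL text, and the password is a regex pattern.
    sql = ("SELECT username, grade FROM students WHERE username = '" + username +
           "' AND password REGEXP '" + password + "'")
    return db.execute(sql).fetchall()

def grades_hardened(db, username, password):
    # Bound parameter: the driver passes username as data, never as SQL syntax.
    row = db.execute("SELECT username, pw_hash, grade FROM students WHERE username = ?",
                     (username,)).fetchone()
    # Exact, constant-time comparison of hashes; no pattern matching on the password.
    if row and hmac.compare_digest(row[1], pw_hash(password)):
        return [(row[0], row[2])]
    return []

if __name__ == "__main__":
    db = make_db()
    # One valid login, one true statement from slide 5, one pattern used as a password.
    attempts = [("alice", "s3cret"), ("' or 1=1--", "x"), ("alice", ".*")]
    for user, pw in attempts:
        print(repr(user), repr(pw), grades_vulnerable(db, user, pw), grades_hardened(db, user, pw))
```

The vulnerable lookup returns rows for all three attempts; the hardened lookup returns a row only for the valid login.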

12

13

14

15 Good point to the Application
• The application does not display any user information even when compromised

17 Q&A

