SQL injection Figure 1 By Kaveri Bhasin
SQL injection
Figure 1
By Kaveri Bhasin
Motive of SQL Injection
• Obtain data from database
• Modify system functions
• Insert data in the backend database
Figure 2.
VictimsMostly Web applications with user input
facilities.
Simplest Procedure
1. Guess field names.
2. Construct a query and check for SQL status
3. If server gives error, field name is incorrect, else
lets proceed…
Cont.
• With the correct field, construct SQL query and inject
Example: 101 AND Len(( SELECT first_name FROM user_data
WHERE userid =15613)) = 6
Paper overview
• Types of Vulnerabilities
• Measures
• Tools (Webgoat)
Types of vulnerabilities
• Database system vulnerability
• Type handling
• Injected filtered escape characters
Measures
• Web application design: Analyze against vulnerabilities
• Use strongly defined types and validation for user input
• Use parameterized queries
Tools
• Webgoat
Developed by OWASP.org
Free source to experiment and learnt about SQL injection
Conclusion
SQL injection is a serious concern
A single design error can be disastrous for the security of sensitive information
References
• Figure 1. http://ocliteracy.com/techtips/sql-injection.html
• Figure 2. “Towards an Aspect-Oriented Intrusion Detection Framework”
• Zhi Jian Zhu and Mohammad Zulkernine• http://www.owasp.org/• http://www.spidynamics.com/papers/SQLInjection
WhitePaper.pdf