SQL Injection


SQL INJECTION

Subject: Cyber Security

Presented by: Syed Qamar Abbas
What is SQL?

• SQL stands for Structured Query Language
• Allows us to access a database
• ANSI and ISO standard computer language
- The most current standard is SQL99
• SQL can:
- insert new records in a database
- execute queries against a database
- delete records from a database
- retrieve data from a database
- update records in a database
SQL is a standard - but

• There are many different versions of the SQL language.
• They support the same major keywords in a similar
manner (such as SELECT, UPDATE, DELETE, INSERT,
WHERE, and others).
• Most SQL database programs also have their own
proprietary extensions in addition to the SQL standard!
WHAT IS SQL INJECTION?

• SQL injection is a type of security vulnerability that occurs
when an attacker can insert or "inject" malicious SQL code
into a query.
• This usually happens when a web application or service
fails to properly validate or sanitize user input. As a result,
the injected SQL code can manipulate the database in
unintended ways.
• For example, a login query built by pasting user input straight into the SQL text:
SELECT * FROM users WHERE username = 'user_input' AND
password = 'password_input';
DIAGRAM: (slide image not preserved in the text export)
Cont.

SQL injection can be used to perform a range of malicious
actions, including:
• Bypassing authentication: Logging in as any user
without valid credentials.
• Retrieving data: Extracting sensitive information from the
database.
• Modifying data: Updating or deleting records.
• Executing administrative operations: Running
administrative commands on the database server.
How common is it? Why applications remain vulnerable

• Legacy Systems and Poor Practices: Many older systems
and applications were built before modern security practices
became standard. These systems might not use parameterized
queries or other defenses against SQL injection.
• Inadequate Input Validation: Some applications still fail to
properly validate and sanitize user input. This is often due to a
lack of awareness, oversight, or resources allocated for security.
• Human Error: Developers might inadvertently introduce SQL
injection vulnerabilities through mistakes or oversights,
especially if they’re not fully familiar with best practices for
secure coding.
EXAMPLE

• SQL injection has been used in numerous high-profile attacks.
For example, the 2009 SQL injection attack on the website of
the company T.J. Maxx led to the breach of over 45 million credit
card numbers.
• SQL injection consistently appears in the OWASP Top Ten list of
the most critical web application security risks, which is updated
regularly to reflect current threats.
• Security industry reports and vulnerability databases like CVE
(Common Vulnerabilities and Exposures) frequently list SQL
injection vulnerabilities. These reports indicate that it remains a
prevalent and exploited issue.
Detection and Mitigation

• Automated Scanners: Tools like OWASP ZAP, Burp Suite, or
sqlmap can help detect SQL injection vulnerabilities.
• Manual Testing: Security professionals often perform manual
penetration testing to uncover such vulnerabilities.
• Parameterized Queries: Ensure that all SQL queries are
parameterized to separate data from the SQL code.
• Regular Security Audits: Conduct regular security reviews and
penetration tests to identify and address potential vulnerabilities.
• Employ ORM Libraries: When using ORMs, make sure they are
properly configured and used to avoid manual SQL queries where
injection can occur.
Characters or Patterns

Single quote ( ' ):
• Used to terminate a string literal.
• SELECT * FROM users WHERE username = '' OR '1'='1';
• Can be used to bypass authentication or manipulate queries.
Double quote ( " ):
• Also used for string literals, similar to single quotes, depending on the SQL
dialect.
Semicolon ( ; ):
• Used to terminate one SQL statement and begin another.
• SELECT * FROM users; DROP TABLE users;
• Can allow the execution of additional commands.
Cont.

Dash dash ( -- ):

• Used for comments in SQL.
• Everything after -- is treated as a comment, which can be
used to ignore the rest of the query.
• SELECT * FROM users WHERE username = '' OR '1'='1' --' AND
password = '';
• This can bypass parts of the query.
Cont.

UNION ( UNION ):
• Combines results from multiple queries into one result set.
• SELECT username, password FROM users UNION SELECT
credit_card_number, expiration_date FROM credit_cards;
• Can be used to extract data from other tables.
Boolean conditions ( 1=1, 0=1 ):
• Used to manipulate query logic.
• SELECT * FROM users WHERE username = '' OR '1'='1';
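The characters and patterns listed on the last three slides are also what a defender looks for when reviewing web-server logs. The following is an added example, not part of the slide deck: it URL-decodes the query string of each request in a small, constructed access log, flags the indicators named above (quote, comment marker, stacked statement, UNION SELECT, OR tautology) per parameter, and rates a hit "high" only when an indicator that changes query structure fires, so that a legitimate name such as O'Brien is reported as "low" rather than treated as an attack. The log lines, indicator names and regexes are this example's own choices.

```python
import re
from urllib.parse import parse_qsl

# Constructed web-server access log (Apache-style, simplified). The hosts,
# paths and timestamps are made up for this example. Line 4 is a legitimate
# name containing an apostrophe, included to show the false-positive problem.
LOG_LINES = [
    '10.0.0.5 - - [12/Mar/2024:10:01:02 +0000] "GET /login?user=alice&pass=secret HTTP/1.1" 200 512',
    '10.0.0.9 - - [12/Mar/2024:10:01:07 +0000] "GET /login?user=%27+OR+%271%27%3D%271%27+--&pass=x HTTP/1.1" 200 9031',
    '10.0.0.9 - - [12/Mar/2024:10:01:12 +0000] "GET /search?q=%27+UNION+SELECT+username%2Cpassword+FROM+users-- HTTP/1.1" 500 77',
    '10.0.0.12 - - [12/Mar/2024:10:02:44 +0000] "GET /search?q=O%27Brien HTTP/1.1" 200 2210',
]

# One regex per indicator from the slides. Names and patterns are this
# example's own; they are a triage aid, not a definition of "malicious".
INDICATORS = {
    "quote": re.compile(r"['\"]"),
    "comment": re.compile(r"--|/\*"),
    "stacked_statement": re.compile(r";\s*\w"),
    "union": re.compile(r"\bunion\b\s+(?:all\s+)?select\b", re.IGNORECASE),
    # OR followed by a value compared with itself, e.g. '1'='1' or 1=1
    "tautology": re.compile(r"\bor\b\s+'?(\w+)'?\s*=\s*'?\1'?", re.IGNORECASE),
}

# A quote on its own is weak evidence (names like O'Brien); the other
# indicators change the query's structure and are treated as strong.
STRONG = {"comment", "stacked_statement", "union", "tautology"}

REQUEST_RE = re.compile(r'"(?:GET|POST) (\S+) HTTP/')


def decode_params(log_line: str) -> dict:
    """Pull the request target out of a log line and URL-decode its query string."""
    match = REQUEST_RE.search(log_line)
    if not match:
        return {}
    _path, _sep, query = match.group(1).partition("?")
    return dict(parse_qsl(query, keep_blank_values=True))


def scan_params(params: dict) -> dict:
    """Map each parameter name to the list of indicators its decoded value matched."""
    findings = {}
    for name, value in params.items():
        hits = [label for label, rx in INDICATORS.items() if rx.search(value)]
        if hits:
            findings[name] = hits
    return findings


def classify(findings: dict) -> str:
    """'high' if any strong indicator fired, otherwise 'low' (review by hand)."""
    labels = {label for hits in findings.values() for label in hits}
    return "high" if labels & STRONG else "low"


def scan_log(lines) -> list:
    """Return (line_number, findings, severity) for every line that matched something."""
    results = []
    for number, line in enumerate(lines, start=1):
        findings = scan_params(decode_params(line))
        if findings:
            results.append((number, findings, classify(findings)))
    return results


if __name__ == "__main__":
    for number, findings, severity in scan_log(LOG_LINES):
        print(f"line {number}: {severity:4} {findings}")
```

Pattern matching of this kind is only a detection aid: it misses encodings and keyword variations it was not written for, and it flags ordinary input that happens to contain a quote. It is useful for spotting probing in logs after the fact; the actual fix is the parameterized query from the Detection and Mitigation slide, which makes these characters harmless regardless of whether they are spotted.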
Example.

• Bypassing Login Authentication:
SELECT * FROM users WHERE username = '' OR '1'='1' AND
password = '';
• Extracting Data:
SELECT username, password FROM users UNION SELECT
credit_card_number, expiration_date FROM credit_cards;
• Deleting Data:
SELECT * FROM users; DROP TABLE users;
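The login query introduced on the "What is SQL injection?" slide, the parameterized-query bullet under Detection and Mitigation, and the authentication-bypass example above are all illustrated by the following added example, which is not code from the slide deck. It builds an in-memory SQLite database with one constructed user, implements the login check both ways (string-built SQL as on the slides, and a parameterized query), and runs the slides' tautology-plus-comment input through both so the difference is visible. The table layout, user name, password and function names are assumptions of this example.

```python
import sqlite3


# Constructed demo database: an in-memory SQLite instance holding one user.
# The table layout, user name and password are assumptions for this example.
def make_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT)")
    conn.execute("INSERT INTO users VALUES ('alice', 'correct horse')")
    conn.commit()
    return conn


def login_vulnerable(conn: sqlite3.Connection, username: str, password: str) -> bool:
    """The pattern shown on the slides: user input is pasted into the SQL text.

    Whatever the user types becomes part of the query's structure, so a quote
    ends the string literal and anything after it is interpreted as SQL.
    """
    query = (
        f"SELECT * FROM users WHERE username = '{username}' "
        f"AND password = '{password}'"
    )
    return conn.execute(query).fetchone() is not None


def login_parameterized(conn: sqlite3.Connection, username: str, password: str) -> bool:
    """The fix: the SQL text is fixed and the driver binds the inputs as data.

    A quote, a comment marker or an OR clause inside the input is compared
    literally against the column; it can never change what the query does.
    """
    query = "SELECT * FROM users WHERE username = ? AND password = ?"
    return conn.execute(query, (username, password)).fetchone() is not None


def compare(username: str, password: str) -> dict:
    """Run the same credentials through both versions and report the outcome."""
    conn = make_db()
    return {
        "vulnerable": login_vulnerable(conn, username, password),
        "parameterized": login_parameterized(conn, username, password),
    }


if __name__ == "__main__":
    # The tautology-plus-comment input from the slides: the vulnerable query
    # collapses to "... WHERE username = '' OR '1'='1'" and returns a row,
    # while the parameterized query simply finds no such user.
    print("valid credentials:", compare("alice", "correct horse"))
    print("wrong password:   ", compare("alice", "guess"))
    print("injected username:", compare("' OR '1'='1' --", "anything"))
```

The parameterized version needs no escaping or input filtering to stay correct: the `?` placeholders are filled by the database driver after the statement has been parsed, so the input is never re-read as SQL. That is also why the slides recommend ORMs only when they are configured to emit parameterized statements rather than string-built ones.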
SQL injection:

• SQL injection remains a prevalent and serious security
vulnerability due to its potential for exploitation and the
common occurrence of inadequate security practices.
• Despite advances in security awareness and technology,
SQL injection can still be a significant risk for many
applications, especially those with legacy code, insufficient
input validation, or improper use of database queries.
PROCESS: (slide diagram not preserved in the text export)
