SQL injection prevention techniques

SongchaiDuangpan 494 views 18 slides Apr 17, 2020

Slide Content

SQL injection prevention techniques EGCO 627: Web Penetration Testing Mahidol University

What is SQL injection? An SQL injection is a technique in which attackers insert SQL into input fields so that it is processed by the underlying SQL database. The weakness can be abused when entry forms allow user-supplied text to reach the database as part of an SQL statement. The classic example is “OR 1=1”.

What is SQL injection? (Cont.) To give you a typical scenario, take a typical login form consisting of a user/email field and a password field. After the login info is submitted, it is combined with an SQL query on your web server. In PHP, the command is written in the following way:

What is SQL injection? (Cont.) It is sent to the server to verify that a valid username was given with the corresponding password. The username “admin” with the password “admin1234” would result in this command:

What is SQL injection? (Cont.) It will then return the user data only if the value entered in the password field matches. This is where the login screen can be bypassed: an attacker can go further by appending another condition, ‘ OR 1=1 ’, which results in the following query:

What is SQL injection? (Cont.) Normal authentication versus authentication under SQLi

SQL Injection - Information Gathering (Cont.) So I browsed it and I could see this:

SQL Injection - burp suite scan

SQL Injection Authentication Bypass Cheat Sheet or 1=1 or 1=1-- or 1=1# or 1=1/* ' or ' 1 ' = ' 1 admin' -- admin' # admin'/* admin' or '1'='1 admin' or '1'='1'-- admin' or '1'='1'# admin' or '1'='1'/* admin' or 1=1 admin' or 1=1-- admin' or 1=1# admin' or 1=1/* admin') or ('1'='1 admin') or ('1'='1'-- admin') or ('1'='1'# admin') or ('1'='1'/* admin') or '1'='1 admin') or '1'='1'-- admin') or '1'='1'# admin') or '1'='1'/* https://pentestlab.blog/2012/12/24/sql-injection-authentication-bypass-cheat-sheet/

How to prevent SQL injection attacks SQL injection is one of the most widely used web attack vectors, typically with the goal of retrieving sensitive data from organizations. When you hear about stolen credit cards or password lists, the breach often happened through an SQL injection vulnerability. Fortunately, there are ways to protect your website from SQL injection attacks.

SQL injection prevention techniques Escaping Always use the character-escaping functions that each database management system (DBMS) provides for user-supplied input. This ensures the DBMS never confuses that input with the SQL statement written by the developer.

SQL injection prevention techniques (Cont.) For example, use mysql_real_escape_string() in PHP to neutralize characters that could otherwise form an unintended SQL command. A modified version of the login bypass scenario would look like the following:

SQL injection prevention techniques (Cont.) Previously, your code was vulnerable; the escaping function now places an escape character (\) in front of each single quote in the input, so the quote can no longer terminate the string literal. This small alteration protects against an illegitimate user and mitigates SQL injection.

SQL injection prevention techniques (Cont.) Prepared Statements Parameterized queries are a means of pre-compiling an SQL statement so that the parameters are supplied afterwards, when the statement is executed. This lets the database distinguish the code from the input data.
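The login scenario from the earlier slides, worked through for all three forms the deck describes (string concatenation, escaping, and a prepared statement). This is an added example, not the deck's PHP code; it uses an in-memory SQLite table with constructed sample data, and because SQLite has no mysql_real_escape_string() equivalent, the escaping stand-in doubles single quotes instead of prefixing a backslash.

```python
import sqlite3

# Constructed sample table: one account, matching the deck's admin / admin1234 scenario.
def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT)")
    conn.execute("INSERT INTO users VALUES ('admin', 'admin1234')")
    return conn

def login_concat(conn, username, password):
    """Vulnerable form: input is spliced into the SQL text, like the deck's PHP snippet."""
    sql = (f"SELECT username FROM users "
           f"WHERE username = '{username}' AND password = '{password}'")
    return conn.execute(sql).fetchone() is not None

def escape_quotes(value):
    """Stand-in for mysql_real_escape_string(): SQLite has no such call, so the
    SQL-standard doubling of single quotes is used instead of a backslash."""
    return value.replace("'", "''")

def login_escaped(conn, username, password):
    """Escaping mitigation: a quote in the input can no longer end the string literal."""
    sql = (f"SELECT username FROM users "
           f"WHERE username = '{escape_quotes(username)}' "
           f"AND password = '{escape_quotes(password)}'")
    return conn.execute(sql).fetchone() is not None

def login_parameterized(conn, username, password):
    """Prepared statement: the SQL text is fixed; input travels separately as data."""
    sql = "SELECT username FROM users WHERE username = ? AND password = ?"
    return conn.execute(sql, (username, password)).fetchone() is not None

def compare(username, password):
    """Run the same credentials through all three checks.
    Returns (concat_result, escaped_result, parameterized_result)."""
    conn = make_db()
    return (login_concat(conn, username, password),
            login_escaped(conn, username, password),
            login_parameterized(conn, username, password))

if __name__ == "__main__":
    # Only the concatenated query lets the deck's payloads through with a wrong password.
    print("valid login       ", compare("admin", "admin1234"))       # (True, True, True)
    print("' OR '1'='1 bypass", compare("admin' OR '1'='1", "wrong"))  # (True, False, False)
    print("comment bypass    ", compare("admin' --", "wrong"))        # (True, False, False)
```

The deck's mysql_real_escape_string() belongs to the mysql extension that was removed in PHP 7.0; its successors are mysqli_real_escape_string() or, preferably, prepared statements through PDO or mysqli.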

SQL injection prevention techniques (Cont.) Stored procedures Stored procedures (SP) require the developer to group one or more SQL statements into a logical unit for which an execution plan is created. Subsequent executions allow the statements to be automatically parameterized. Simply put, it is code that is stored once and reused many times.

SQL injection prevention techniques (Cont.) User input is used to build the query and sent straight to the database with no escaping at all

SQL injection prevention techniques (Cont.) Escape user input