SQL Injection. Meganadha Reddy K. Technical Trainer NetCom Learning Meganadha Reddy K., 2015

Transcription

1 SQL Injection Meganadha Reddy K. Technical Trainer NetCom Learning

2 Agenda Overview of Hacking : 5 Mins Hackers Approach : 5 Mins SQL Injection Background : 10 Mins SQL Injection Techniques : 10 Mins Preventing SQL Injection : 10 Mins Demos : 10 Mins Q & A : 10 Mins This is L100 Webinar on SQL Injection

3 Computer Hacking In the computer security context, hacking is exploiting weaknesses in a computer system or computer network. For stealing confidential data.

4 Why people do computer hacking? Well!!! This webinar is not on human psychology

5 Why people do computer hacking? On a lighter note [These could be some reasons] MONEY [This is obvious reason] To know how much boss is getting paid?? His company might have sacked him and he wants to take revenge by deleting some data. For some people, hacking can be fun as well. BUT HACKING IS CRIME We should design our software in such a way that its hard to hack

6 Ethical Hacking Well!!! Hacking itself is a CRIME., then what is Ethical hacking? There are even plenty of courses On Ethical Hacking Even companies do recruit ethical hackers

7 Types of hacking? Type-1: Guessing the access code or credentials [Normally by trial and error mode] a. Manual way b. By automation Type-2: Through a programming script / some code.

8 SQL Injection Exam Results Enter your roll number : On click of Search, Query will be framed as: Select * from Students where RollNo =

9 SQL Injection Exam Results Enter your roll number : Roll Name Name Score Result Curious George 95 Pass

10 SQL Injection I want to know results of all students. But I don t know their roll numbers How to Hack????

11 SQL Injection Let me try SQL Injection

12 SQL Injection Exam Results Enter your roll number : or 1=1 Select * from Students where RollNo = or 1=1

13 SQL Injection Exam Results Enter your roll number : or 1=1 Roll Name Name Score Result Curious George 95 Pass I got the highest score Nick 90 Pass Doug 30 Fail Meg 90 Pass

14 SQL Injection What can be done? Read Crucial Data Any Data Operation SQL Injection Delete Data All required is : To know the table name And well formed SQL Query Drop Tables Alter Tables

15 SQL Injection Query Appending Select * from Students where RollNo = or 1=1 All the records in the table will be displayed in result grid Select * from Students where RollNo = ; Delete from Students All the records from the table Students will be deleted Select * from Students where RollNo = ; Drop table Students Table Students will be deleted for ever

16 Preventing from SQL Injection Do not allow = in the input textbox. [Do JavaScript validation] Do not allow single quotes or double quotes in the input textbox Have a limit to the input length of textbox Scan query string for undesirable word combinations that indicate SQL statements [Example : Insert, Drop etc., ] Limit database permissions to the credentials used for website. I only read is required provide only read access. [Never provide DBA role] Use Stored Procedures instead of Inline Queries

17 SQL Injection Some more demos Demo

18 That s all for now Hope all attendees got a clear idea on SQL Injection Thanks for Joining

19 Some Relevant Courses CEH: Certified Ethical Hacker v8 & CNDA: Certified Network Defense Architect Students will begin by understanding perimeter defenses work and then be lead into scanning and attacking their own networks, no real network is harmed. Students then learn how intruders escalate intruders escalate privileges and what steps can be taken to secure a system. Students will also learn about Intrusion Detection, Policy Creation, Social Engineering, DDoS Attacks, Buffer Overflows and Virus Creation.

20 Q & A?