(** Cyber Security Course: https://www.edureka.co/cybersecurity-certification-training **)
This 'SQL Injection Attack' PPT by Edureka will help you learn about one of the most dangerous web application vulnerabilities: SQL Injection.
Below is the list of topics covered in this session:
Web Application Security
What is SQL Injection Attack?
Types of SQL Injection attacks
Demo – SQL Injection Attack Types
Prevention of SQL Injection Attack
4. Cybersecurity Certification Training www.edureka.co/cybersecurity-certification-training
Cybersecurity
Application Security
Network Security
Information Security
Operational Security
Disaster Recovery
End-user Education
Cyber security refers to the body of technologies, processes, and practices designed to protect networks, devices, programs, and data from attack, damage, or unauthorized access.
Web Application Vulnerabilities
Application Security
Application security is the use of software, hardware, and procedural methods to protect applications from external threats.
[Bar chart: share of web application vulnerabilities by class, values ranging from 0.06% to 46.97%. Classes shown: Denial of Service, XML External Entity, Open Redirect, General Bypass, Authentication Bypass, Remote File Inclusion, Full Path Disclosure, Remote Code Execution, Local File Inclusion, Cross Site Request Forgery, File Upload, SQL Injection, Cross Site Scripting.]
In the early days of the internet, building websites was pretty straightforward. Then the need for more advanced technology and dynamic websites grew:
Front End: HTML, CSS, JavaScript
Back End: .NET, PHP, Ruby, Python
Database: MySQL, Oracle, MongoDB
What is SQL Injection?
A SQL query is one way an application interacts with a database.
An SQL Injection occurs when an application fails to sanitize the user input data.
An attacker can use specially crafted SQL commands to control the web application's database server.
SQL Injection Attack – Non Technical Explanation
Form template:
Drive through <route> and <where should the bus stop?> if <when should the bus stop?>.
Sample populated form:
Drive through route77 and stop at the bus stop if there are people at the bus stop.
Sample injected form:
Drive through route77 and do not stop at the bus stop and ignore the rest of the form. if there are people at the bus stop
SQL Injection Attack – Technical Explanation
Sample SQL statement (user input is concatenated straight into the query text):
$statement = "SELECT * FROM users WHERE username = '$user' AND password = '$password'";
With the inputs Dean and WinchesterS the statement becomes:
$statement = "SELECT * FROM users WHERE username = 'Dean' AND password = 'WinchesterS'";
Sample SQL Injection (username input: Dean' OR '1'='1' --):
$statement = "SELECT * FROM users WHERE username = 'Dean' OR '1'='1' --' AND password = 'WinchesterS'";
OR '1'='1' is a condition that is always true, so the WHERE clause matches and the input is accepted as valid by the application.
-- instructs the SQL parser that the rest of the line is a comment and should not be executed, so the password check is never evaluated.
Impact of SQL Injection Attack
Extract sensitive information
Misusing authentication details
Delete data and drop tables
Types of SQL Injection
Error-based, Union-based, Boolean-based, Time-based, Out-of-band
Union-based SQL Injection example:
https://example.com/index.php?id=1 AND SELECT "mysql" UNION SELECT @@version
Error-based SQL Injection example:
https://example.com/index.php?id=1 AND(SELECT 1 FROM(SELECT COUNT(*),concat(version(),FLOOR(rand(0)*2))x FROM information_schema.TABLES GROUP BY x)a)--
Boolean-based SQL Injection example:
https://example.com/index.php?id=1+AND+IF(version()+LIKE+'5%',true,false)
Time-based SQL Injection example:
https://example.com/index.php?id=1+AND+IF(version()+LIKE+'5%',sleep(3),false)
Preventing SQL Injection
Performing static and dynamic testing
Using parameterized queries and ORMs
Using escape characters in SQL queries
Enforcing least privilege on the database account the application uses
Enabling web-application firewalls
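To show why parameterized queries are the core fix, here is an added Python/sqlite3 example (not from the Edureka deck) that runs the slide's login query twice, once with the inputs concatenated into the SQL text as on the slide and once as a parameterized query, against the slide's Dean' OR '1'='1' -- input. The in-memory users table and the second account are constructed demo data.

```python
import sqlite3

def make_db():
    # Constructed demo data mirroring the slide's users table. Real systems
    # store password hashes; plaintext is used here only to match the slide.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)",
                     [("Dean", "WinchesterS"), ("Sam", "Hunter2")])
    conn.commit()
    return conn

def login_vulnerable(conn, user, password):
    # Mirrors the slide's $statement: the inputs are spliced into the SQL
    # text, so quote and comment characters in `user` change the query.
    sql = (f"SELECT username FROM users "
           f"WHERE username = '{user}' AND password = '{password}'")
    return [row[0] for row in conn.execute(sql)]

def login_safe(conn, user, password):
    # Parameterized query: the inputs travel separately from the SQL text
    # and are compared as literal strings, never parsed as SQL.
    sql = "SELECT username FROM users WHERE username = ? AND password = ?"
    return [row[0] for row in conn.execute(sql, (user, password))]

def compare(user, password):
    """Run both versions on the same input and return the rows each matches."""
    conn = make_db()
    try:
        vuln = login_vulnerable(conn, user, password)
    except sqlite3.OperationalError as exc:
        # A stray quote breaks the concatenated query; this is the
        # database error that error-based injection relies on seeing.
        vuln = f"SQL error: {exc}"
    return {"vulnerable": vuln, "parameterized": login_safe(conn, user, password)}

if __name__ == "__main__":
    print(compare("Dean", "WinchesterS"))          # both paths: ['Dean']
    print(compare("Dean' OR '1'='1' --", "wrong")) # vulnerable: every user; safe: []
    print(compare("Dean'", "wrong"))               # vulnerable: SQL error; safe: []
```

The concatenated query returns every account for the slide's payload because the comment removes the password check, while the parameterized query simply finds no user with that literal name.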