SQL Injection Exercise

This document discusses SQL injection attacks. SQL injection targets database-backed applications by supplying SQL statements as input that the application then runs. Parameters, form input, URLs, and cookies can all carry the injected input. It is the most common web application attack and has been the number one vulnerability on the OWASP Top 10 since 2010. The document gives an example of SQL injection using a vulnerable code snippet and URL. It also covers preventing SQL injection by sanitizing and verifying inputs, escaping special characters, using ORM frameworks, and limiting database access. Finally, it describes a demo in which a red team performs SQL injection and a blue team detects and mitigates it.

Uploaded by

cmgarciasilva

SQL Injection
Anže Žitnik, XLAB
22 September 2020

Co-funded by the European Commission
Horizon 2020 – Grant # 786668
SQL injection

Attack type targeting database-backed applications
SQL statements inserted as input and run by the application
Parameters, form input, URL, cookies...
Most common web application attack
First mentioned in 1998
Injection #1 on OWASP Top 10 since 2010

20/09/23 – www.cyberwiser.eu - @cyberwiser 2


SQL injection: latest attacks



SQL injection: example

Example code:
    String query = "SELECT * FROM accounts WHERE custID = '" +
        request.getParameter("id") + "'";

Example URL: http://example.com/app/accountView?id=' or '1'='1

Resulting query:
    SELECT * FROM accounts WHERE custID = '' or '1'='1'

The closing quote in the parameter ends the string literal, so the rest of the input is parsed as SQL and the WHERE clause is always true.
Impact: modify or delete data, call arbitrary code (DB and system!)



SQL injection: prevention

Sanitize, verify inputs (server side)
Escape special characters
Use ORM frameworks
Limit access as much as possible (permissions for DB user)
Include security testing in development/release
Regularly update CMS (WordPress, Drupal, Joomla)

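The example and prevention slides above, as an added worked example that is not part of the original deck: the concatenated query from the example slide beside a parameterized one, both run against a constructed in-memory SQLite table, followed by two of the listed preventions, server-side input verification and a least-privilege database user. SQLite has no user accounts, so the restricted DB user is modelled with the sqlite3 module's authorizer hook. The table name, sample rows, allowlist pattern and all function names are assumptions made for this example.

```python
import re
import sqlite3


def make_db():
    """Constructed in-memory stand-in for the slide's accounts table (sample data, not from the deck)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE accounts (custID TEXT, owner TEXT, balance INTEGER)")
    conn.executemany(
        "INSERT INTO accounts VALUES (?, ?, ?)",
        [("1001", "alice", 500), ("1002", "bob", 1200), ("1003", "carol", 75)],
    )
    conn.commit()
    return conn


def lookup_concat(conn, cust_id):
    # Same construction as the deck's Java snippet: the request parameter is pasted
    # into the SQL text, so a quote character in it changes the query's structure.
    query = "SELECT * FROM accounts WHERE custID = '" + cust_id + "'"
    return conn.execute(query).fetchall()


def lookup_param(conn, cust_id):
    # Parameterized query: the value travels separately from the SQL text and is
    # compared as a literal string, whatever characters it contains.
    return conn.execute("SELECT * FROM accounts WHERE custID = ?", (cust_id,)).fetchall()


ACCOUNT_ID = re.compile(r"[0-9]{1,10}")  # assumed allowlist for the id parameter


def validate_account_id(raw):
    # Server-side verification: only a short digit string is accepted; anything
    # else is rejected before it gets near the database.
    if raw is None or not ACCOUNT_ID.fullmatch(raw):
        raise ValueError("invalid account id")
    return raw


def read_only_authorizer(action, arg1, arg2, db_name, trigger_or_view):
    # Least privilege for the application's DB user, modelled with sqlite3's
    # authorizer hook: allow SELECT and column reads, deny every other operation.
    if action in (sqlite3.SQLITE_SELECT, sqlite3.SQLITE_READ):
        return sqlite3.SQLITE_OK
    return sqlite3.SQLITE_DENY


def account_view(conn, raw_id):
    """Hardened handler: validate first, then use a parameterized query."""
    return lookup_param(conn, validate_account_id(raw_id))


def attempt_write(conn):
    """Shows what the permission layer buys on its own: a data-changing statement
    cannot run on a connection limited to reads, even if it reached the database."""
    try:
        conn.execute("UPDATE accounts SET balance = 0")
        conn.commit()
        return "write succeeded"
    except sqlite3.Error as exc:
        return "write refused: " + str(exc)


if __name__ == "__main__":
    payload = "' or '1'='1"  # the slide's example input
    conn = make_db()
    print(lookup_concat(conn, payload))  # all three rows: the WHERE clause is always true
    print(lookup_param(conn, payload))   # []: no customer has that literal ID
    conn.set_authorizer(read_only_authorizer)
    print(account_view(conn, "1002"))    # [('1002', 'bob', 1200)]
    print(attempt_write(conn))           # write refused
```

Note that parameterization alone already defeats the example payload; the validation and permission layers are there for defence in depth, so that a query the parameterization missed, or a bug elsewhere, cannot turn a read-only lookup into a data change.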


Demo

SQL injection
Red team and blue team
CYBERWISER.eu tools

Red team:
Can use prepared vuln. detection script
Goal: Exploit SQLi to find secret flag

Blue team:
Can use tools for attack detection, risk assessment
Goal: Choose correct mitigation among the offered ones
Demo (slides 7 to 10: screenshots only)

Thank you for your attention! Questions?

Main contact:
Anže Žitnik
XLAB
[email protected]

www.cyberwiser.eu @cyberwiser
