


Question

There are a fair number of resources available with cheat sheets for different types of Web attacks. One of the reasons for this is because there are so many different ways to perform these attacks. Use your favorite search engine to find a cheat sheet and provide an attack string. Along with the attack string, identify the attack type and, to the very best of your knowledge, how the attack works. What are the different components and why is it formatted the way it is? What is the expected outcome if the attack were to be successful?

Explanation / Answer

SQL Injection (SQLi) Cheat Sheet, Attack Examples & Protection

SQL Injection, sometimes shortened to SQLi, is perhaps the most commonly employed hacking technique today, constantly making headlines and appearing in vulnerability reports. These malicious injections have been regularly starring in the OWASP Top-10 lists for years and they took the first place in the 2013 OWASP Top-10.

Before diving into how to prevent SQLi, it’s very important to understand the origins of SQL. We are looking at a programming language designed especially for managing information and interacting with databases. SQL has been in constant use since the mid-80s, but has not quite adapted to the huge changes and advances in technology.

SQL can be broken down to major language elements – Queries, Clauses, Expressions, Predicates and Statements. For example, expressions produce scalar values or plain tables that consist of columns and rows of data. Most importantly, queries retrieve data based on specific criteria and are widely used in hacking procedures.

The command most relevant to SQL Injections is "and 1=1", which always returns a positive answer. This feature is almost always used while hacking into SQL databases. Apostrophes and semicolons are also integral parts of the SQL grammar and feature extensively in SQLi exploitations.

What is SQL injection?

Generally speaking, SQLi are unsanitized user input vulnerabilities. The most common exploitation is in log-in fields of unprotected web and mobile applications. Since all modern applications (web and mobile) use centralized databases to deliver and render information, such hacking opportunities exist in virtually all leading e-commerce, social and financial websites and applications.

SQLi are basically SQL commands that are maliciously injected into SQL statements via an unsanitized input field. This is how the hackers illegally communicate with the application’s database, harvesting sensitive information and assuming control of the application for their personal benefit.

How is it done?

The character "'" is entered into the search field and pressing the button leads to an error page which displays more information than needed.

This example showcases a badly and insecurely programmed application that is incapable of handling SQL Injections. Just a few illegal characters with a little sniffing around lead the hacker to this string: "' union select password from users;". He can then implement this finding to harvest usernames and passwords from the database.

This of course is just one basic way to exploit application databases. Data hacking and extraction can also be easily performed and automated with commonly available third party software such as SQL Ninja and SQL Map.

What are the damages caused by SQL Injections?

How do you ensure your code cannot be hacked with SQL Injections?

In order to avoid SQL injections, it is imperative that any input the application receives is sanitized, to validate that it is what the application expects to receive as input. For example, a book name should indeed be a book name and not a malicious SQL script.

Most programming frameworks have input sanitization methods that should be used whenever possible. In addition, the following security steps should be taken to neutralize SQL injections:

How to Prevent SQL injection attacks?

Checkmarx’s Static Application Security Testing (SAST) solution automatically scans your application’s source code, mapping the data flow from the input to the sink. Flows that do not include a sanitation method are automatically flagged as potential SQL injection vulnerabilities.
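As an added worked example, not part of the original answer or of the Checkmarx article it quotes, the following Python script builds a small in-memory SQLite database with constructed data and runs the steps the answer describes: the lone apostrophe that provokes a database error, a tautology (`' OR 1=1--`), the UNION payload that pulls the `password` column into the search results, and the parameterized query that defeats all of them. The table names `books` and `users`, the rows, and the function names are assumptions made for the demonstration. One adjustment to the answer's attack string: `' union select password from users;` leaves the quote the application appends after the input dangling, which SQLite rejects as an unterminated string, so the payloads here end with `--` (SQL line comment) to swallow that trailing quote.

```python
import sqlite3


def make_db():
    """Constructed sample database for the demonstration (invented data, not from the page)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE books (id INTEGER PRIMARY KEY, title TEXT)")
    conn.executemany("INSERT INTO books (title) VALUES (?)",
                     [("SQL Basics",), ("Web Security",)])
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password TEXT)")
    conn.executemany("INSERT INTO users (username, password) VALUES (?, ?)",
                     [("alice", "s3cret"), ("bob", "hunter2")])
    return conn


def search_vulnerable(conn, title):
    """Vulnerable: the input is concatenated into the statement, so the
    database parses whatever the user typed as SQL syntax."""
    sql = "SELECT title FROM books WHERE title = '" + title + "'"
    return [row[0] for row in conn.execute(sql)]


def search_safe(conn, title):
    """Hardened: a parameterized query. The driver passes the value out of
    band, so an apostrophe in the input is data, never a string delimiter."""
    sql = "SELECT title FROM books WHERE title = ?"
    return [row[0] for row in conn.execute(sql, (title,))]


def probe_error(conn, payload):
    """Step one in the answer above: submit a lone quote and see whether the
    raw database error reaches the caller. Returns the error text or None."""
    try:
        search_vulnerable(conn, payload)
        return None
    except sqlite3.Error as exc:
        return str(exc)


# Attack strings. Components, left to right:
#   '        closes the string literal the application opened
#   OR 1=1   tautology: makes the WHERE clause true for every row
#   UNION SELECT password FROM users
#            appends a second result set; its column count (one) must match
#            the original SELECT, which is why a single column is chosen
#   --       line comment; neutralises the trailing quote the application appends
TAUTOLOGY = "' OR 1=1--"
UNION_LEAK = "' UNION SELECT password FROM users--"


if __name__ == "__main__":
    db = make_db()
    print("lone quote  ->", probe_error(db, "'"))
    print("tautology   ->", search_vulnerable(db, TAUTOLOGY))
    print("union leak  ->", search_vulnerable(db, UNION_LEAK))
    print("safe query  ->", search_safe(db, UNION_LEAK))
    print("safe lookup ->", search_safe(db, "SQL Basics"))
```

Run against the vulnerable function, the tautology returns every book title and the UNION payload returns the two passwords in place of titles, which is the "expected outcome if successful" the question asks about. The same strings passed to `search_safe` match no row, because the whole payload is compared as a literal title. Note that the check at the end of the answer above (sanitizing that "a book name should indeed be a book name") is useful defense in depth, but parameterization is what actually removes the injection: it stops the input from ever being parsed as SQL, regardless of what characters it contains.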