SQL Injection (SQLi) Demonstration and Prevention (lab2) PDF

Summary

This document demonstrates SQL injection techniques and prevention strategies. It provides practical examples of how to bypass authentication using SQL injection, and prevention methods like input validation and parameterized queries. It's a good resource for understanding database security.

Full Transcript

Learn about sql injection applications by website portSiwgger https://portswigger.net Practical example application about sqlinjection using php and mysql https://www.securityidiots.com/Web-Pentest/SQL-Injection/Basic-Union-Based-SQL-Injection.html https://www.sqlinjection.net/union/ https://ow...

Learn about sql injection applications by website portSiwgger https://portswigger.net Practical example application about sqlinjection using php and mysql https://www.securityidiots.com/Web-Pentest/SQL-Injection/Basic-Union-Based-SQL-Injection.html https://www.sqlinjection.net/union/ https://owasp.org/www-community/attacks/SQL_Injection We will write briefly a small example at the beginning of how to bypass SQL Query, and we will not conclude that we have a login form containing the username and password, when the content is sent for the executable query in this way, for example, to find out the Root-X username and password Password: SELECT * FROM users WHERE user='Root-X' AND pass='Password' Now what happens if you want to inject the search username with: Mark ' to close the alternate username brand My tag -- Parliament remains the query as a comment (comment) that cannot be executed So the query becomes like this: Or the # sign can be used better than the -- like this: Now why not bypass the authentication agreement and log in without using your username and password? It will inject the username with So the query becomes like this: The quotation mark for the username variable is closed. Then you check the query, which is if 1 = 1, and this is normal and correct. Then the query ends with the # sign to stop the query, from registering an entrance to bypass authentication and login completely. 1. Staff Training : 2. Use the Latest Versions 3. Web Application Firewall 4. Encryption 5. Limit Privileges and Access 6. Eliminate Shared Databases 7. Avoid Displaying Error Messages 8. Use Stored Procedures 9. Deny Extended URLs 10. Monitor Database Communication 1. Students attempt SQLi to bypass authentication. 2. Implement input validation and parameterized queries to fix the vulnerability.

Use Quizgecko on...
Browser
Browser