Welcome to Scribd, the world's digital library. Read, publish, and share books and documents. See more
Download
Standard view
Full view
of .
Save to My Library
Look up keyword
Like this
1Activity
0 of .
Results for:
No results containing your search query
P. 1
How to Prevent SQL Advance Injection Attcaks by Himanshu Prajapati

How to Prevent SQL Advance Injection Attcaks by Himanshu Prajapati

Ratings: (0)|Views: 60 |Likes:
Published by Rahul Tyagi
SQL injection attacks, pervent sql injection how to sql injection WAF attacks , OWASP attacks, SQL Injection Preverntions,
SQL injection attacks, pervent sql injection how to sql injection WAF attacks , OWASP attacks, SQL Injection Preverntions,

More info:

Published by: Rahul Tyagi on Jun 07, 2013
Copyright:Attribution Non-commercial

Availability:

Read on Scribd mobile: iPhone, iPad and Android.
download as PDF, TXT or read online from Scribd
See more
See less

06/07/2013

pdf

text

original

 
Preventing SQL Injection Attack 
By Himanshu Prajapati
 
1
 
Note :-
 
This Article Is For Education Purpose Only And Please Do Not Try This On Any Websites. I Do Not Have Any Responsibility Of AttacksPerformed By You On Any Websites.First We Will See What Is SQL Injection, How Attacker Use SQLInjection To Fetch Important Information From The Database, And HowWe Can Protect Our Website From SQL Injection Attack.
 
Preventing SQL Injection Attack 
By Himanshu Prajapati
 
2
 
What Is SQL Injection ? 
SQL Injection Attack Is The Attack That Comes From The UserInput Which Is Not Checked Whether It Is Valid Or Not. The MainObjective Of This Attack Is To Run Malicious Code That Will ProvideSensitive Information From The Database.As We Know There Are Seven Layers Of The OSI (Open SystemInterconnection) Model, SQL Injection Attack Is Performed On The First Layer That Is Application Layer.There Are Basically Two Types Of Attack. First One That IsAttacker Can Get Required Information (Read Database Information)And Second Is That Attacker Injects (Insert/Update/Delete Information)Some Data That Will Reside In The Database Permanently.
 
Preventing SQL Injection Attack 
By Himanshu Prajapati
 
3
 
How To Prevent SQL Injection Attack ? 
SQL Injection Attack Can Be Prevented Using Following Ways :
1. Validating User Input 2. Monitoring Query Strings For Malicious SQL Query3. Use Parameterized Queries (Prepared Statements)
1. Validating User Input :
First Thing We Can Do To Prevent SQL Injection Is Validate UserInputs. I Will Explain How User Can Bypass Login Page, Known AsBypass Authentication, Using SQL Injection Code And How We CanPrevent Users To Do This.
Figure 1.1 :- Bypassing Log In Page Using SQL Injection Code

You're Reading a Free Preview

Download
/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->