Scribd Logo
Upload

Welcome to Scribd!

  • SQL Injection PDF

    Uploaded by

    Siddiqui Siraj ali
    74 views6 pages
    An SQL injection occurs when malicious SQL code is inserted into an entry field on a website. This code is then executed by the backend SQL server, allowing an attacker to view or modify data without authorization. There are many types of SQL injections with varying levels of visibility, from errors to time delays. Successful attacks can steal data, change passwords, or completely destroy databases. Automated tools like Mole can detect and exploit SQL injections with little input from the attacker.

    Original Description:

    Original Title

    SQL_Injection.pdf

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    An SQL injection occurs when malicious SQL code is inserted into an entry field on a website. This code is then executed by the backend SQL server, allowing an attacker to view or modify data without authorization. There are many types of SQL injections with varying levels of visibility, from errors to time delays. Successful attacks can steal data, change passwords, or completely destroy databases. Automated tools like Mole can detect and exploit SQL injections with little input from the attacker.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    74 views6 pages

    SQL Injection PDF

    Uploaded by

    Siddiqui Siraj ali
    An SQL injection occurs when malicious SQL code is inserted into an entry field on a website. This code is then executed by the backend SQL server, allowing an attacker to view or modify data without authorization. There are many types of SQL injections with varying levels of visibility, from errors to time delays. Successful attacks can steal data, change passwords, or completely destroy databases. Automated tools like Mole can detect and exploit SQL injections with little input from the attacker.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 6

    WHAT IS SQL INJECTION?

    An SQL injection is a kind of injection vulnerability in which the attacker tries to


    inject malicious data into the input fields of an application, which, when processed
    by the application, causes that data to be executed as a piece of code by the back
    end SQL server, thereby giving undesired results which the developer of the
    application did not anticipate. The backend server can be any SQL server (MySQL,
    MSSQL, ORACLE, PostgreSQL etc.)

    The ability of the attacker to execute code (SQL statements) through vulnerable
    input parameters empowers him to directly interact with the back end SQL server.
    TYPES OF SQL INJECTION ATTACK

    Error based Injection :-


    The attacker sends some malicious query to the database which results in errors.
    The errors should be very generic, otherwise, they may give useful hints to the
    attacker.
    Comment-Line :- Using comment line to cause the database to ignore a part of a
    valid query.
    E.g. Select * from stores where product_id = blah’ or 1=1-- (everything after this
    will be neglected)
    Tautology :- There are a lot of strings which always evaluates to be true, like ‘1’ =
    ‘1’ ‘a’ = ‘a’, etc., using them in the query to create constantly true conditions.
    E.g. Select * from users where username=’blah’ or ‘a’=’a’ -- and password=’pass’
    Union Based SQL injection :-
    Using union command in SQL query to execute additional queries; thereby,
    modifying/inserting/deleting or dropping the contents of the table.
    E.g. Select * from stores where product_id=1 union select 1,database(),user(),4#
    Incorrect queries:- Coming up with logically incorrect queries to see the error
    messages to get more information about the target database.
    Select * from stores where id=1’
    The above query will result in a syntax error and might reveal the backend
    database type.
    Blind SQL Injection :-

    The blind SQL injection is the hardest type. In this attack, no error messages are
    received from the database; hence, we extract the data by asking questions to the
    database. The blind SQL injection is further divided into two kinds:

    1. Boolean-based SQL Injection :- Only correct queries show the result, wrong
    queries do not return anything. Attackers should try to generate logically
    correct queries

    2. Time-based SQL Injection :- Depending on some conditions, setting a time


    delay. If that condition is satisfied, we can observe the time delay thereby,
    concluding that the input we gave produced a positive result. This is a time
    consuming process.

    RISKS OF SQL INJECTION

    SQL injection attacks occur when a web application does not validate values
    received from a web form, input parameter, etc., before passing them to SQL
    queries that will be executed on a database server.
    This will allow an attacker to manipulate the input so that the data is interpreted as
    code rather than as data.

    SQL injection attack risk is usually very high and the consequences are severe.
    A successful attack can bypass authentication and authorization to
    1. Gain full control of the database,
    2. Steal sensitive data,
    3. Change users passwords,
    4. Retrieve users credential information,
    5. Add non-existent accounts,
    6. Drop tables,
    7. Make illegal financial transactions,
    8. Destroy the existing database.
    To make the SQL injection attack process easy, SQL injection tools are available.
    These tools take the vulnerable URL as a parameter and then start attacking the
    target.
    Based on its detection and attack engine, these tools are capable of detecting the
    type of attack.

    SQL INJECTION TOOLS

    1. BSQL Hacker
    2. SQLmap
    3. SQLninja
    4. Safe3 SQL Injector
    5. SQLSus
    6. Mole

    MOLE
    AUTOMATIC SQL INJECTION EXPLOITATION TOOL

    Latest version :- themole-0.3

    1. Mole is an automatic SQL Injection exploitation tool.


    2. Only by providing a vulnerable URL and a valid string on the site it can
    detect the injection and exploit it, either by using the union technique or a
    boolean query based technique.
    3. The Mole uses a command based interface, allowing the user to indicate the
    action he wants to perform easily.
    4. The CLI also provides auto-completion on both commands and command
    arguments, making the user type as less as possible.

    Features :-

    1. Support for MySQL, PostgreSQL, SQL Server and Oracle.


    2. Automatic SQL injection exploitation using union technique.
    3. Automatic blind SQL injection exploitation.
    4. Exploits SQL Injections in GET/POST/Cookie parameters.
    5. Exploits SQL Injections that return binary data.
    6. Powerful command interpreter to simplify its usage.

    In order to execute The Mole, you require only python3 and python3-lxml. Once
    you execute it, a shell prompt will be printed, waiting for commands.

    You can use some program arguments:

    1. -u URL :- Use this to set the URL which contains the vulnerability. This is
    the same as using the "url" command.
    2. -n NEEDLE :- Use this to set the needle to be found in the requested page.
    3. Schemas :- Fetches the schemas(databases) from the server.
    2. tables <SCHEMA> :- Fetches the tables for the schema.

    You might also like