
COURSE CODE / COURSE NAME

COURSEWORK ASSESSMENT

SESSION

NAME

DURATION 120 minutes

CLO1

REGISTRATION NO.

PROGRAMME/SECTION

TOTAL MARKS 20

Answer all the questions

SQL Injection

SQL injection is one of the most common web attack mechanisms utilized by attackers to steal
sensitive data from organizations. While SQL Injection can affect any data-driven application that uses a
SQL database, it is most often used to attack web sites.

SQL Injection is a code injection technique that hackers can use to insert malicious SQL statements into
input fields for execution by the underlying SQL database. This technique is made possible because of
improper coding of vulnerable web applications.

These flaws arise because entry fields made available for user input unexpectedly allow SQL statements
to go through and query the database directly.

Instruction:

1. Go to this link: https://www.hacksplaining.com/exercises/sql-injection

2. Follow the instructions to finish the SQL injection attack.

3. Upon finishing the task, write a report consisting of:

a. Explanation on how SQL injection works based on the example. [10 marks]

SQL injection works on a vulnerable application. It occurs when maliciously crafted inputs are submitted by an attacker,
causing an application to perform an unintended action. Based on the example, the attacker used the technique of subverting application
logic technique. Consider an application that lets users log in with a username and password. If a user submits the
username wiener and the password bluecheese, the application checks the credentials by performing the following SQL
query:

SELECT * FROM users WHERE username = 'wiener' AND password = 'bluecheese'

If the query returns the details of a user, then the login is successful. Otherwise, it is rejected.

Here, an attacker can log in as any user without a password simply by using the SQL comment sequence -- to remove the
password check from the WHERE clause of the query. For example, submitting the username administrator'-- and a blank
password results in the following query:

SELECT * FROM users WHERE username = 'administrator'--' AND password = ''

This query returns the user whose username is administrator and successfully logs the attacker in as that user.

b. The SQL Injection risk; and [4 marks]

• Prevalence: Occasional
• Exploitability: Easy
• Impact: Devastating
• Extract sensitive information, like Social Security numbers or credit card details.
• Enumerate the authentication details of users registered on a website, so these logins can be used in attacks on
other sites.
• Delete data or drop tables, corrupting the database and making the website unusable.
• Inject further malicious code to be executed when users visit the site.

c. Description of how you can defend against SQL Injection attacks. [6 marks]

Limit Record Lengths

It is far preferable that your site restrict text entries to the length allocated for them in your database. For example, if
an entry field accepts a maximum of 15 characters, no excess characters should be allowed in the field. This is a sensible
precaution to take against SQL injection attacks.

Check Record Types

Check the types of data entered in the forms you have prepared. For example, a user may supply a different type of input from the
one the corresponding form field expects. Such checks can be implemented by writing simple validation code for robustness.

Limit Authorizations

If possible, connect to the database with restricted privileges rather than through a connection with
administrator rights. This acts as a useful backstop: if your system falls prey to an injection attack, the attacker will not be able
to do much without admin privileges, buying you time to remediate.

Use A Whitelist

Everyone recommends setting up a blacklist, but an attacker can bypass the blacklist you set up by modifying combinations. If
you instead set up a whitelist logically, you can avoid the bad code and whitelist only the good code to work.

Use GreenSQL

GreenSQL is an open-source (GPL-licensed) database firewall application that protects the database against SQL injection attacks. It
works as a proxy and is compatible with MySQL. GreenSQL analyzes the commands sent by the client and then sends them to
MySQL. It filters out commands that are not recognized and that have not been added to the whitelist.
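
The login query from part (a) and the length-limit and whitelist defenses from part (c), as an added example that is not part of the original report. It uses Python's built-in sqlite3 module; the table layout, the stored passwords and the function names are assumptions made for the demonstration, and the bound parameters in the second function are an addition beyond the defenses listed above.

```python
import re
import sqlite3

# Constructed sample data: table layout and credentials are assumptions for this demo.
def make_db():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (username TEXT, password TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?)",
                   [("administrator", "s3cret-admin"), ("wiener", "bluecheese")])
    return db

def login_vulnerable(db, username, password):
    # Deliberately vulnerable: input is concatenated into the SQL text,
    # so a quote in the username ends the string literal early.
    query = ("SELECT * FROM users WHERE username = '" + username +
             "' AND password = '" + password + "'")
    row = db.execute(query).fetchone()
    return row[0] if row else None

# Whitelist of allowed characters plus the 15-character limit used in the text.
USERNAME_OK = re.compile(r"[A-Za-z0-9_]{1,15}")

def login_validated(db, username, password):
    # Length limit + whitelist: reject anything outside the allowed set
    # before it reaches the database.
    if not USERNAME_OK.fullmatch(username):
        return None
    # Passwords cannot be whitelisted the same way, so both values are passed
    # as bound parameters and are never parsed as SQL.
    row = db.execute(
        "SELECT username FROM users WHERE username = ? AND password = ?",
        (username, password)).fetchone()
    return row[0] if row else None

if __name__ == "__main__":
    db = make_db()
    for fn in (login_vulnerable, login_validated):
        print(fn.__name__,
              fn(db, "wiener", "bluecheese"),      # legitimate login
              fn(db, "administrator'--", ""))      # input from part (a)
```
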
