SQL INJECTION ATTACK

What is SQL injection ?


 A SQL injection attack consists of insertion or "injection" of a SQL query via the input data from the client to the application. A successful SQL injection exploit can read sensitive data from the database, modify database data (Insert/Update/Delete), execute administration operations on the database (such as shutdown the DBMS), recover the content of a given file present on the DBMS file system and in some cases issue commands to the operating system. SQL injection attacks are a type of injection attack, in which SQL commands are injected into data-plane input in order to effect the execution of predefined SQL commands.

DESCRIPTION: 

SQL injection errors occur when:
  • Data enters a program from an untrusted source.
  • The data used to dynamically construct a SQL query.
The main consequences are:

  1. Confidentiality: Since SQL databases generally hold sensitive data, loss of confidentiality is a frequent problem with SQL Injection vulnerabilities.
  2. Authentication: If poor SQL commands are used to check user names and passwords, it may be possible to connect to a system as another user with no previous knowledge of the password.
  3. Authorization: If authorization information is held in a SQL database, it may be possible to change this information through the successful exploitation of a SQL Injection vulnerability.
  4. Integrity: Just as it may be possible to read sensitive information, it is also possible to make changes or even delete this information with a SQL Injection attack. 

How dangerous are SQL injections?


If completed successfully, SQL injections have the potential to be incredibly detrimental to any business or individual. Once sensitive data is compromised in an attack, it can be difficult to ever fully recover. Databases are commonly targeted for injection through an application (such as a website, which requests user input and then does a lookup in a database based on that input), but they can also be targeted directly. SQL injection attacks are listed on the OWASP Top 10 list of application security risks that companies wrestle with.



Basic Diagram of SQL Injection Attack : 
Related image


Types of SQL Injections:

  • Inferential (Blind) SQLi

The attacker sends data payloads to the server and observes the response and behavior of the server to learn more about its structure. This method is called blind SQLi because the data is not transferred from the website database to the attacker, thus the attacker cannot see information about the attack in-band.
Blind SQL injections rely on the response and behavioral patterns of the server so they are typically slower to execute but may be just as harmful. Blind SQL injections can be classified as follows:
  • Boolean— That attacker sends a SQL query to the database prompting the application to return a result. The result will vary depending on whether the query is true or false. Based on the result, the information within the HTTP response will modify or stay unchanged. The attacker can then work out if the message generated a true or false result.

  • Time-based— Attacker sends a SQL query to the database, which makes the database wait (for a period in seconds) before it can react. The attacker can see from the time the database takes to respond, whether a query is true or false. Based on the result, an HTTP response will be generated instantly or after a waiting period. The attacker can thus work out if the message they used returned true or false, without relying on data from the database. 

In-band SQLi: 
The attacker uses the same channel of communication to launch their attacks and to gather their results. In-band SQLi’s simplicity and efficiency make it one of the most common types of SQLi attack. There are two sub-variations of this method:
  •  Error-based SQLi— The attacker performs actions that cause the database to produce error messages. The attacker can potentially use the data provided by these error messages to gather information about the structure of the database.
  • Union-based SQLi— This technique takes advantage of the UNION SQL operator, which fuses multiple select statements generated by the database to get a single HTTP response. This response may contain data that can be leveraged by the attacker.

Out-of-band SQLi :


The attacker can only carry out this form of attack when certain features are enabled on the database server used by the web application. This form of attack is primarily used as an alternative to the in-band and inferential SQLi techniques.
Out-of-band SQLi is performed when the attacker can’t use the same channel to launch the attack and gather information, or when a server is too slow or unstable for these actions to be performed. These techniques count on the capacity of the server to create DNS or HTTP requests to transfer data to an attacker.

How we can prevent our Site or Application from SQL injection attack :

Key points to prevent from sql injection attack
SQL Injection

 Here are ten ways you can help prevent or mitigate SQL injection attacks:
  • Update and patch: Vulnerabilities in applications and databases that hackers can exploit using SQL injection are regularly discovered, so it's vital to apply patches and updates as soon as practical.
  • Firewall: Consider a web application firewall (WAF) – either software or appliance based – to help filter out malicious data. Good ones will have a comprehensive set of default rules, and make it easy to add new ones whenever necessary. A WAF can be particularly useful to provide some security protection against a particular new vulnerability before a patch is available.
  • Use appropriate privileges: Don't connect to your database using an account with admin-level privileges unless there is some compelling reason to do so. Using a limited access account is far safer, and can limit what a hacker is able to do.
  • Keep your secrets secret: Assume that your application is not secure and act accordingly by encrypting or hashing passwords and other confidential data including connection 
  • Don't forget the basics: Change the passwords of application accounts into the database regularly. This is common sense, but in practice these passwords often stay unchanged for months or even years. 
  • Buy better software: Make code writers responsible for checking the code and for fixing security flaws in custom applications before the software is delivered. SANS suggests you incorporate terms from this sample contract into your agreement with any software vendor.
                           
Follow on Instagram                              


                                                                              THANK YOU  FOR READING!

Comments

Post a Comment

Popular posts from this blog

Kali Linux Network PXE Install

Image
                Kali Linux Network PXE Install Setup a PXE Server Booting and installing Kali over the network ( PXE ) can be useful from a single laptop install with no CDROM or USB ports, to enterprise deployments supporting pre-seeding of the Kali installation. First, we need to install  dnsmasq  to provide the DHCP/TFTP server and then edit the  dnsmasq.conf  file. apt-get install  dnsmasq nano   / etc / dnsmasq.conf In  dnsmasq.conf , enable DHCP, TFTP and PXE booting and set the  dhcp-range  to match your environment. If needed you can also define your gateway and DNS servers with the  dhcp-option  directive as shown below: interface =eth0 dhcp-range=192.168.101.100,192.168.101.200,12h dhcp-boot=pxelinux.0 enable-tftp tftp-root= / tftpboot / dhcp-option= 3 ,192.168.101.1 dhcp-option= 6 ,8.8.8.8,8.8.4.4 With the edits in place, the dnsmasq service needs to be restarted in order for the changes to take effect. service dnsmasq restart Download Ka
Read more

What is Cross Site Scripting Attack (XSS-Attack)

Image
   WHAT IS CROSS SITE SCRIPTING  ( XSS)  : Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious scripts are injected into otherwise benign and trusted websites. XSS attacks occur when an attacker uses a web application to send malicious code, generally in the form of a browser side script, to a different end user. Flaws that allow these attacks to succeed are quite widespread and occur anywhere a web application uses input from a user within the output it generates without validating or encoding it. An attacker can use cross site scripting (XSS) to send a malicious script to an unsuspecting user. The end user’s browser has no way to know that the script should not be trusted, and will execute the script. Because it thinks the script came from a trusted source, the malicious script can access any cookies, session tokens, or other sensitive information retained by the browser and used with that site. These scripts can even rewrite the content of
Read more

Android 9 Pie For Moto G4 plus Athene

Image
                                              Android 9 Pie For Moto G4 plus Athene       Android 9 Pie For Moto G4 plus Athene  Android 9 Pie For Moto G4 plus Athene yes we have Android Pie Rom for Our Moto g4 plus aka Athene Motorola Moto G4 Plus launched in May 2016. Here we will discuss the release of Android 9.0 Pie update for Moto G4 Plus. so to update our Moto g4 Plus We Are Going to Install Android Pie. What’s on Android 9.0 Pie For Moto G4? Android 9.0 Pie is the 9th iteration and a major update of Google’s Android OS. The new Android Pie brings a couple of design changes to the successor Android Oreo but the most notable one is the gesture-based navigation system. Other features of Android 9 Pie are New Quick Settings UI design, Redesigned volume slider, Advanced Battery with AI Support, Notch Support, Improved Adaptive Brightness, Manual theme selection, Android Dashboard which Google calls Digital Wellbeing, and more other features. Android 9
Read more