Results 1 to 4 of 4

Thread: Understanding SQL Injection Attacks

  1. #1
    Join Date
    Nov 2005
    Posts
    709

    Understanding SQL Injection Attacks

    Many of us are not familiar with SQL Injection. Those who are network admins or who had already given a long time in IT surely knows something on this. But what about those who are not aware about this term. Many of us today are engaged in online business where we market or provide our service with the help of a website. Your virtual company or shop over the internet which deals with physical product and money. Already companies producing Antivirus software and security tools are engaged in providing the best protection on web. So in year 2012 where he have a long list of Antivirus Software, Services, Tools, etc should lie and let the software worry how to deal with attacks as you are paying for it. Not really. In my concern people should be aware what is going around the web. IT being a part of our life today is found everywhere. In the coming future it is more advanced and vast. Some vulnerability which appeared or might appear is going to put the vast population under risk. Awareness is one thing which can keep you protected. I am not emphasizing that this is the only one risk you should worry about, or don't sleep, No. Precaution is better than cure. Knowledge is never wasted. Lots of proverb no that you can find on Google. Here I tried to accumulate the best information from wherever I can. It can be Wikipedia or any other sources and I swear nothing is tested. So it is entirely on your mindset how you understand this article and respond. Basically what I am trying to do is to create a single place article with simple references that can help me and other to keep a track of this attack.


    Let’s come back on the topic. What is SQL Injection ?. In simple word. SQL Injection is a process by which someone can enter your website with some codes without needing any kind of login access and modify your website content. Now this is serious. You might have heard about many news that some sites are hacked and attackers has added adult content on the pages spoiling the entire websites credibility. People who called them hackers, attackers, fancy names, etc are intended to do such thing. It is not valid to define intentions here. SQL Injection deals with a process of adding a SQL statement inside a web from. Those websites which are not properly designed or maintained are the first to get affected. Under this the attacker can access your website Database which is stored in SQL. Once he/she is in they can control your site and till the time you wake things are ruined. Today many CMS are designed by keeping all this thing in mind. Well managed CMS offers you regular updates and security patches to avoid risk. Vulnerabilities are detected and avoided before they reach people.

    SQL Injection is not a attack. It is a technique. The attacker is well versed in SQL and he/she is aware about those techniques. So under this you might be wondering to learn SQL from A to Z. Not required. If everyone will learn it, then how development or security companies will earn money. My motive is to define the vulnerabilities that you can avoid on your own. Once you know how such kind of attacks works, what is sql and all you stay safer. We just jump on our seat, put the credit card number and buy the site. All we know the traditional cpanel with number of icons. But when the business takes a major turn where you are on success road, such things can be the reason for your worry. The hosting companies also provide us better security on better money. That does not means that the more you spend the more secure you are. In SQL attack the attacker mostly looks for database. He/She tries to find mostly the credit cards or password or any important data that has value over internet. They use it or exploit it for money process.

    This attack give direct access to SQL Database. With the help of a well designed website and query language interpreters it is possible to prevent such kind of attacks. This might seems complicated. If you want to understand the risk of this attack then it is stated in Wikipedia that "In the wild, it has been noted that applications experience, on average, 71 attempts an hour". This is just a wild guess. In SQL Injection the attackers try to convince the application by running a pre-defined SQL query to give expected results.

  2. #2
    Join Date
    Nov 2005
    Posts
    709

    Re: Understanding SQL Injection Attacks

    How it Works ?


    As mentioned already SQL injection is a kind of attack where attacker inserts a malicious code to access the SQL server. It begins by adding a code in the user input variables. Like by default many websites uses Login access. This login access provides two boxes User Name and Password. This are the gateway to attack. The code is directly executed from this. If you go and read some articles on web you might get confused or curse yourself for your weak SQL GK. Here I can explain in simple way how it works. How the codes are executed and how the innocent SQL replies without knowing that it is going to provide crucial database information to a stranger. Before that you must know that for any website the most important part is DATABASE. Database is like a container where the website keeps all content of your website. Like user logins, articles, videos, etc. Many elements are placed inside this single box which is protected by username and password. SQL is widely used and it is a very versatile language.

    Now let’s begin. Let’s take this for example. You went on a game site and want to play game. You can see categories. You click on Pool and see a list of Pool games. This is a dynamic list generated on the base of website cms and database application. You clicked on the best game you liked and started playing. When you choose a game, the content came from the database which is on the backend or the server. Here the SQL works plain and straight responding to a users query. The game thing is just an example. Another example I can give you is of a shopping website. You type something in the search box like: Perfumes and you can see a list of Products under Category Perfume. This is again a dynamic list of products. Here the when you search the website designed or you can say the language or code, etc interprets the query and the database responds which can be seen in the from of result. Codes which are running behind cannot be seen with regular human eyes.

    Coming to the point. In the search box the attacker will add some pre-defined special codes. The codes will be simple text with characters which will tell the website that the something is searched. The query is forwarded to the database and the database respond on it. There is nothing wrong done here. No virus is installed, not tools are used to attack the server, no special powers Ares used. Only the SQL code like. This can be explained for better with a example. You have site which sells books. So when a user tries to look for a book a similar type of code which runs is SELECT BookName, BookDescription FROM BooksCategory WHERE BookNumber = BookNumber. Under the user gets info on the Book. Remember the user will not copy paste the above code. He will just click or type the name of Book.

    But the attacker users a bit different type of code. He inserts the code inside the query boxes or you can say search box or login boxes to gain database info. So he will put sql_query= "SELECT BookName, BooksCategory FROM Books WHERE BookNumber = " & Request.QueryString("BookID"). Can you see the difference. In this code the attacker has planted a code and asked the database to give result on BookID. In turn he will get the list of all books on the site. Because all books are listed with IDs and he/she has called the entire table for result. This is just a sample. There are many other codes which are used in the directly website URL to retrieve information. A attacker can not only get the information, but can find all usernames / passwords / emails / contacts, etc. The list of attacks which comes under SQL injection is much higher.

  3. #3
    Join Date
    Nov 2005
    Posts
    709

    Re: Understanding SQL Injection Attacks

    Prevention

    There are many methods which can be used to prevent such attack. But this will need a quiet soundfull knowledge in SQL or other technologies. There are many modes of which can be used to protect your website or network for SQL Injection attacks. I had listed them one by one with short description on the same.

    1. Validating the Input :


    Under this you must ensure that you do not compromise with your inputs. That means the text or character used for logins or search. If you ensure this, you can stay safer. By validating the input you can avoid anyone inserting a malicious code in your logins and get your data. For that you will need to first understand the structure of your site. You must also check that whatever application or site you are running should lie under a secure area. Many a time you can see website prompting you to add a specific number of characters for password. OR simply limiting the amount of inputs. This is what called a simple example of validation. You can pre-configure in your site about the inputs entered by any external users. So no other characters are identified and executed.

    Detailed Information click here - SQL Injection

    2. OWASP Guide :


    OWASP stands for Open Web Application Security Project. This is you can say a project or group assembled together to make web more secure. Many guides are offered under this which can be for everyone. Today we cannot ignore web security on any condition. Under this you can get a Development Guide which can help everyone to find the right solution to secure your website. This is one of the awesome approach for web security. Be a part of it.

    OWASP Guide
    OWASP SQL Injection Prevention Guide

    3. Updating your Website :


    Updating your website consist of two things. First checking of invalid codes or verifying the user activity and second if you are using a CMS or any other technology then running security patches. CMS like Vbulletin or Drupal which are widely used always has a new update. This new updates and patches fixes the security holes in the code and make people more secure. So here you do not need to worry much about programming. Today it is been found that many are switching to choose a CMS instead of writing a site from scratch. This has made the web heavier. Availability of open source CMS has created more interest among people to come online and start working or sharing.

    4. Cleaning your Website :

    Cleaning in the sense means removing all those which are not going to use. This is applicable for both. For your site and for your Database server. If you are using a automated script which allows you to configure your site functionality in GUI base then better keep a track on add-ons. Remove all those stuff which you do not want. The most simple and clear your site stays the more less issue appears.

    5. Regular Testing :


    I can help you here to give a reference of automated tool called as SQL Inject Me. Get this tool and run a SQL injection attack on your website. The tool will not only run the attack but also it will analyze the vulnerability. It will help you to understand how much secure your website is. You can try this number of time till you are satisfies as per the changes made by you. Do not try this on any other.

  4. #4
    Amastemm Guest

    Re: Understanding SQL Injection Attacks

    Thanx for your detailed guide. It's really cool

Similar Threads

  1. How to do DLL injection logic
    By Thenral in forum Software Development
    Replies: 5
    Last Post: 27-06-2011, 10:30 AM
  2. SQL Injection
    By ramsun in forum Software Development
    Replies: 3
    Last Post: 07-12-2009, 09:18 AM
  3. How to Implement .net dependency injection in .NET Application
    By Paramartha in forum Software Development
    Replies: 3
    Last Post: 11-08-2009, 03:17 PM
  4. XML injection in a SOAP request
    By Logan.M in forum Software Development
    Replies: 4
    Last Post: 30-04-2009, 11:30 PM
  5. How to protect SQL injection attack
    By Projectkmo in forum Software Development
    Replies: 0
    Last Post: 04-12-2008, 01:48 PM

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
Page generated in 1,711,778,042.73044 seconds with 17 queries