Web Application Security II - SQL Injection

Date post: 07-Aug-2015
Upload: syed-ahamad

Web Application Security

Presented by:

Md Syed Ahamad

Detection and Prevention of SQL Injection


Project under:

Dr. Ferdous Ahmed

Project Role

Theory

Analysis

Implementation

CS200: Detection and Prevention of SQL Injection

Topics

Introduction

Webgoat and WebScarab

Prevention Mechanism and Detection Mechanism

Methods

Visual

Advantage and disadvantage

Conclusion


Introduction

Risk profile of injection (the fields are those of the OWASP Top 10 risk rating for A1 Injection):

Threat agent: application specific

Attack vector: exploitability easy

Security weakness: prevalence common, detectability average

Technical impact: severe

Business impact: business specific


WebGoat and WebScarab

WebGoat: a deliberately insecure web application used to demonstrate common web application flaws and application penetration testing techniques.

WebScarab: run on localhost as an intercepting proxy in front of WebGoat.

Shows each intercepted request and response

Parameters can be modified before the request is forwarded


[Screenshot slide: WebScarab]

SQL Injection

Serious threat: the user's input is concatenated straight into the query text, so the input can change the structure of the query rather than just its values.

String query = "SELECT * FROM accounts WHERE custID='" + request.getParameter("id") + "'";

"SELECT * FROM account WHERE username='" + a + "' AND PIN='" + b + "'";

Here a = 998'or'1'='1 and b is empty (or anything), which produces

SELECT * FROM account WHERE username='998'or'1'='1' AND PIN=''

Because AND binds tighter than OR, this is evaluated as username='998' OR ('1'='1' AND PIN=''), so it still depends on a row whose PIN matches b. Putting the same kind of payload in b instead (PIN='' or '1'='1') or ending a with a comment marker (--) removes that dependence and the query returns every account.


Prevention Mechanism

Parametrized query: the SQL text contains only placeholders and the user's values are bound separately, so they are never parsed as part of the SQL.

Specific primitive data type: convert inputs such as id to the expected type (for example an integer) before use, and reject anything that does not convert.


Prevention Mechanism

Indirect SQL query

Avoid building the query directly from the user's input.

Instead, fetch the stored tuple(s) that correspond to the input and compare them with the input in application code.

If a match is found, proceed; otherwise return false.
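The following is an added example and not code from the slides: it places slide 7's concatenated query beside the slide 8 defences (parametrized query, primitive type check) and the slide 9 indirect query, all run against an in-memory SQLite database. Python's sqlite3 module stands in for the slides' Java; the table, columns, sample accounts, helper names and the hashed-PIN comparison (which also covers the conclusion slide's point about hashing credentials) are assumptions for the demo.

```python
"""Added example (not from the slides): slide 7's concatenated query beside
the defences from slides 8 and 9, run against an in-memory SQLite database.
Python's sqlite3 stands in for the slides' Java; table, columns, accounts and
the hashed-PIN comparison are constructed for the demo."""
import hashlib
import hmac
import sqlite3


def pin_hash(pin: str) -> str:
    # Demo-only digest of the stored credential (conclusion slide: hash the
    # credentials). Production code would use a salted password hash.
    return hashlib.sha256(pin.encode()).hexdigest()


def make_db() -> sqlite3.Connection:
    """Constructed sample data: three accounts with plaintext and hashed PIN."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE accounts "
                 "(custID INTEGER, username TEXT, PIN TEXT, PIN_hash TEXT)")
    for cid, user, pin in [(101, "alice", "1234"),
                           (102, "bob", "9876"),
                           (103, "carol", "5555")]:
        conn.execute("INSERT INTO accounts VALUES (?, ?, ?, ?)",
                     (cid, user, pin, pin_hash(pin)))
    conn.commit()
    return conn


def vulnerable_login(conn, a: str, b: str) -> list:
    """Slide 7: user input is spliced into the SQL text itself."""
    query = ("SELECT * FROM accounts WHERE username='" + a
             + "' AND PIN='" + b + "'")
    return conn.execute(query).fetchall()


def parameterized_login(conn, username: str, pin: str) -> list:
    """Slide 8: parametrized query. Values travel separately from the SQL,
    so a quote inside them cannot close the string literal."""
    query = "SELECT * FROM accounts WHERE username=? AND PIN=?"
    return conn.execute(query, (username, pin)).fetchall()


def lookup_by_id(conn, raw_id: str) -> list:
    """Slide 8: coerce to the specific primitive type first; non-integer
    input such as 998'or'1'='1 raises ValueError before any SQL runs."""
    cust_id = int(raw_id)
    return conn.execute("SELECT * FROM accounts WHERE custID=?",
                        (cust_id,)).fetchall()


def indirect_login(conn, username: str, pin: str) -> bool:
    """Slide 9: indirect query. Fetch the one tuple keyed by username, then
    compare the credential in application code; the PIN never reaches SQL."""
    row = conn.execute("SELECT PIN_hash FROM accounts WHERE username=?",
                       (username,)).fetchone()
    if row is None:
        return False
    return hmac.compare_digest(row[0], pin_hash(pin))


if __name__ == "__main__":
    db = make_db()
    a = "998'or'1'='1"                                    # slide 7's value for a
    print(len(vulnerable_login(db, a, "")))               # still depends on PIN=''
    print(len(vulnerable_login(db, a + "' --", "")))      # comment ends the clause
    print(len(vulnerable_login(db, "x", "' or '1'='1")))  # payload in the PIN field
    print(len(parameterized_login(db, a + "' --", "")))   # bound value, no rows
    print(indirect_login(db, "alice", "1234"), indirect_login(db, a, ""))
```

Running the script shows the precedence point from slide 7 concretely: the bare payload in the username field returns no rows because the AND with PIN='' still has to hold, while the same payload followed by a comment, or placed in the PIN field, returns all three accounts. Neither the parametrized nor the indirect login can be made to return anything for those inputs.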


Detection Mechanism

Methods

Regular expression (signature) matching on request parameters, for example:

/\w*((\%27)|(\'))((\%6F)|o|(\%4F))((\%72)|r|(\%52))/ix
(a single quote, literal or URL-encoded as %27, immediately followed by "or" in any case)

@"(;|\s)(exec|execute|select|insert|update|delete|create|alter|drop|rename|truncate|backup|restore)\s"
(a SQL keyword preceded by ";" or whitespace and followed by whitespace)

Parametrized

Visual

Advantage and disadvantage
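As an added example (not part of the slides), the two regexes above as written on slide 10, run with Python's re module over constructed request-parameter values. The sample values, the rule names and the use of an ignore-case flag on the second pattern (the slide's C# string shows no options) are assumptions. The samples include one value the first rule misses (a single space between the quote and "or") and two benign strings that each rule flags, which is the kind of advantage/disadvantage the slide title points at.

```python
"""Added example (not from the slides): slide 10's two detection regexes, as
written there, run over constructed request-parameter values with Python's re
module. Rule names and sample values are assumptions for the demo."""
import re

# Rule 1 from slide 10: a single quote (literal or URL-encoded %27) followed
# directly by "or" in any case, each letter also allowed in %-encoded form.
QUOTE_OR = re.compile(
    r"\w*((\%27)|(\'))((\%6F)|o|(\%4F))((\%72)|r|(\%52))", re.I | re.X)

# Rule 2 from slide 10: a SQL keyword preceded by ";" or whitespace and
# followed by whitespace. The slide's C# string shows no options; re.I is an
# assumption here so that "DROP" and "drop" are treated alike.
KEYWORDS = re.compile(
    r"(;|\s)(exec|execute|select|insert|update|delete|create|alter|drop"
    r"|rename|truncate|backup|restore)\s", re.I)

RULES = {"quote-or": QUOTE_OR, "sql-keyword": KEYWORDS}


def matched_rules(value: str) -> list:
    """Names of the slide-10 rules that fire on one parameter value."""
    return [name for name, rx in RULES.items() if rx.search(value)]


def scan(values) -> dict:
    """Map each parameter value to the list of rules it triggers."""
    return {v: matched_rules(v) for v in values}


# Constructed sample values (not captured traffic).
SAMPLES = [
    "998'or'1'='1",                # slide 7 payload, no spaces
    "998%27or%271%27=%271",        # same payload, URL-encoded
    "998' or '1'='1",              # one space between quote and "or"
    "x'; drop table accounts --",  # stacked-statement attempt
    "Cote d'Or",                   # benign: place name
    "please restore the backup",   # benign: plain English
]

if __name__ == "__main__":
    for value, rules in scan(SAMPLES).items():
        print(f"{value!r:32} -> {rules or 'no match'}")
```

The output makes the trade-off visible: the first rule catches slide 7's payload in both its literal and its %27-encoded spelling, but a single space after the quote evades it, while "d'Or" triggers it; the second rule catches the stacked DROP but also fires on an English sentence containing " restore ". Signature detection of this kind is a useful tripwire, not a substitute for the prevention measures on slides 8 and 9.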


[Screenshot slide: Detection Mechanism]

Conclusion

These measures do not solve all injection flaws.

A hierarchical structure of scanners is required.

Hash users' input credentials.
