votd sql injection
play

VOTD: SQL Injection Engineering Secure Software Last Revised: - PowerPoint PPT Presentation

Oct 25, 2023 •287 likes •379 views

VOTD: SQL Injection Engineering Secure Software Last Revised: September 3, 2020 SWEN-331: Engineering Secure Software Benjamin S Meyers 1 What is SQL Injection? Manipulating query strings to execute code Injecting SQL commands into

  1. VOTD: SQL Injection Engineering Secure Software Last Revised: September 3, 2020 SWEN-331: Engineering Secure Software Benjamin S Meyers 1

  2. What is SQL Injection? Manipulating query strings to execute code ● Injecting SQL commands into query strings ● CWE-89 ● SWEN-331: Engineering Secure Software Benjamin S Meyers 2

  3. Example private static String auth(String user, String pwd, Connection conn) throws SQLException { ResultSet resultSet; resultSet = conn.createStatement().executeQuery( "SELECT * FROM Users WHERE Username='" + user + "' AND Password='" + pwd + "'"); // BAD ^^^^^^ BAD ^^^^^ if (resultSet.next()) // any rows? return "Authenticated!!"; else return "Not authenticated!!"; } SWEN-331: Engineering Secure Software Benjamin S Meyers 3

  4. How Do You Do It? Line Comments: -- ● SELECT * FROM members WHERE username = ‘admin’--’ AND password = ‘password’ This can be used to bypass passwords and login as admin ○ Inline Comments: /* */ ● DROP ‘/*comment*/tablename’ This can be used to bypass blacklisting ○ And lots of other ways ● SWEN-331: Engineering Secure Software Benjamin S Meyers 4

  5. Example Executing arbitrary OS commands ● SQL 9.3+ ○ Any user with the pg_execute_server_program role can ○ execute arbitrary OS commands ○ COPY cmd_exec FROM PROGRAM `cat /root/.ssh/id_rsa` ○ COPY cmd_exec FROM PROGRAM `echo ‘ben ALL=(ALL:ALL) ALL’ >> /etc/sudoers` User roles ○ SWEN-331: Engineering Secure Software Benjamin S Meyers 5

  6. Mitigations Prepared statements with binding variables ● Instead of: ○ SELECT Name, Salary FROM Employee WHERE Salary > *user_input*; Do: ○ String query = "SELECT Name, Salary FROM Employee WHERE Salary > ?"; PreparedStatement pstmt = conn.prepareStatement(query); pstmt.setInt(1, *user_input*); ResultSet rs = pstmt.executeQuery(); Escaping characters is a poor substitute (e.g. character sets) ● OO-relational mappers can mitigate some SQL injections, but ● they’re not foolproof SWEN-331: Engineering Secure Software Benjamin S Meyers 6

  7. Notes Applicable to most programming languages that can execute ● SQL: Java, Ruby, PHP, etc. Not particularly hard to fix, you just have to know to fix it ● Some people will tell you that you need lots of tools to fix SQL ● injection -- that’s a lie, just use prepared statements History and consequences of SQL-Injection ● SWEN-331: Engineering Secure Software Benjamin S Meyers 7

  8. Source: https://cwe.mitre.org/top25/archive/2020/2020_cwe_top25.html SWEN-331: Engineering Secure Software Benjamin S Meyers 8

  9. Source: https://xkcd.com/327/ SWEN-331: Engineering Secure Software Benjamin S Meyers 9

Recommend

VOTD: OS Command Injection Engineering Secure Software Last Revised: September 17, 2020

VOTD: OS Command Injection Engineering Secure Software Last Revised: September 17, 2020

VOTD: OS Command Injection Engineering Secure Software Last Revised: September 17, 2020 SWEN-331: Engineering Secure Software Benjamin S Meyers 1 What is OS Command Injection Executing arbitrary commands on the host OS via a vulnerable

272 views • 8 slides
A1 (Part 2): Injection SQL Injection SQL injection is prevalent SQL injection is impactful Why a

A1 (Part 2): Injection SQL Injection SQL injection is prevalent SQL injection is impactful Why a

A1 (Part 2): Injection SQL Injection SQL injection is prevalent SQL injection is impactful Why a password manager is a good idea! SQL injection is ironic SQL injection is funny Overviewtrated Account Summary Account: Account: "SELECT

445 views • 32 slides
5.2) Injections (part 2) Shell Injection, XML Injection, LDAP injection Emmanuel Benoist Spring

5.2) Injections (part 2) Shell Injection, XML Injection, LDAP injection Emmanuel Benoist Spring

5.2) Injections (part 2) Shell Injection, XML Injection, LDAP injection Emmanuel Benoist Spring Term 2016 Berner Fachhochschule | Haute cole spcialise bernoise | Berne University of Applied Sciences 1 Table of Contents Injection in PHP

995 views • 73 slides
A1 (Part 3): Injection Blind SQL Injection Blind SQL Injection SQL injectio ion that tricks ks

A1 (Part 3): Injection Blind SQL Injection Blind SQL Injection SQL injectio ion that tricks ks

A1 (Part 3): Injection Blind SQL Injection Blind SQL Injection SQL injectio ion that tricks ks databases into reveal l information by way of the success or failure of injected querie ies Analogous example le: Login prompt that stops ps

602 views • 14 slides
Injection mismatch type of injection mismatch will lead to an emittance blow-up. Off axis

Injection mismatch type of injection mismatch will lead to an emittance blow-up. Off axis

Injection mismatch: As a rule, proton/ion accelerators need their full aperture at injection, thus avoiding mismatch allows a beam of larger normalized emittance * and containing more Protons. In proton/ion ring accelerators any Injection

454 views • 4 slides
A1 (Part 1): Injection Command and Code injection A1 Injection Tricking an application

A1 (Part 1): Injection Command and Code injection A1 Injection Tricking an application

A1 (Part 1): Injection Command and Code injection A1 Injection Tricking an application into executing commands or code embedded in data Data and code mixing! Often injected into interpreters SQL, PHP, Python, JavaScript, LDAP,

377 views • 14 slides
INJECTION GEL www.eurastechnology.com WHAT IS INJECTION GEL? An injectable gel is a flexible

INJECTION GEL www.eurastechnology.com WHAT IS INJECTION GEL? An injectable gel is a flexible

TECHNOLOGY APPLICATIONS FOR HYDRO ISOLATION AND REPAIR OF UNDERGROUND FACILITIES INJECTION GEL www.eurastechnology.com WHAT IS INJECTION GEL? An injectable gel is a flexible mass of mineral origin, for both dry and wet surfaces solvent-free,

487 views • 21 slides
INJECTION GEL www.eurastechnology.com WHAT IS INJECTION GEL? An injectable gel is a flexible

INJECTION GEL www.eurastechnology.com WHAT IS INJECTION GEL? An injectable gel is a flexible

TECHNOLOGY APPLICATIONS FOR HYDRO ISOLATION AND REPAIR OF UNDERGROUND FACILITIES INJECTION GEL www.eurastechnology.com WHAT IS INJECTION GEL? An injectable gel is a flexible mass of mineral origin, for both dry and wet surfaces solvent-free,

466 views • 29 slides
VOTD: XSS & CSRF Engineering Secure Software Last Revised: September 8, 2020 SWEN-331:

VOTD: XSS & CSRF Engineering Secure Software Last Revised: September 8, 2020 SWEN-331:

VOTD: XSS & CSRF Engineering Secure Software Last Revised: September 8, 2020 SWEN-331: Engineering Secure Software Benjamin S Meyers 1 What is XSS? XSS: Cross Site Scripting Injecting malicious scripts into a web page CWE-79

772 views • 12 slides
Injection Safety Every Provider s Responsibility Outline Safe Injection

Injection Safety Every Provider s Responsibility Outline Safe Injection

Injection Safety Every Provider s Responsibility Outline Safe Injection Practices The ONE and ONLY Campaign Outbreak History Mistaken Beliefs A Call to Action Resources and Information

591 views • 20 slides
Reaction Injection Molding (RIM)- Low Quantity Injection Molding for the Life Sciences Industry

Reaction Injection Molding (RIM)- Low Quantity Injection Molding for the Life Sciences Industry

Reaction Injection Molding (RIM)- Low Quantity Injection Molding for the Life Sciences Industry Presented by: Ken Schweitz, President and Doug Culbertson, VP Business Development of Premold Corp Section I. Advantages of RIM Economical

441 views • 29 slides
VOTD: Log Neutralization Engineering Secure Software Last Revised: September 2, 2020 SWEN-331:

VOTD: Log Neutralization Engineering Secure Software Last Revised: September 2, 2020 SWEN-331:

VOTD: Log Neutralization Engineering Secure Software Last Revised: September 2, 2020 SWEN-331: Engineering Secure Software Benjamin S Meyers 1 What is Log Neutralization? If you allow newlines ( \n ) in your log entries, then attackers

260 views • 7 slides
C0 2 / Acid Gas Injection Well Injection Well Conversion Prepared for the 5 Th Well Bore

C0 2 / Acid Gas Injection Well Injection Well Conversion Prepared for the 5 Th Well Bore

C0 2 / Acid Gas Injection Well Injection Well Conversion Prepared for the 5 Th Well Bore Integrity Network Meeting. Calgary Alberta May 14, 2009 Agenda Wellbore integrity Well design with annular integrity Well design without

443 views • 22 slides
Underground Injection Control (UIC) Permitting, Testing and Monitoring Injection-Storage Permits

Underground Injection Control (UIC) Permitting, Testing and Monitoring Injection-Storage Permits

Underground Injection Control (UIC) Permitting, Testing and Monitoring Injection-Storage Permits Unit February, 2019 1 Railroad Commission of Texas | June 27, 2016 (Change Date In First Master Slide) Session Overview Overview: UIC Online

1.01k views • 79 slides
Stage Fractional- N Injection-Locked PLL Using Soft Injection Dongsheng Yang, Wei Deng, Tomohiro

Stage Fractional- N Injection-Locked PLL Using Soft Injection Dongsheng Yang, Wei Deng, Tomohiro

1S-1 An Automatic Place-and-Routed Two- Stage Fractional- N Injection-Locked PLL Using Soft Injection Dongsheng Yang, Wei Deng, Tomohiro Ueno, Teerachot Siriburanon, Satoshi Kondo, Kenichi Okada, and Akira Matsuzawa Tokyo Institute of

423 views • 10 slides
NEVO sequential gas injection system New sequential gas injection system NEVO Answer for

NEVO sequential gas injection system New sequential gas injection system NEVO Answer for

NEVO sequential gas injection system New sequential gas injection system NEVO Answer for market expectations Modern cars Demanding users Workshop time saving KME trademark Major assumptions of NEVO system Simple Quick to

222 views • 21 slides
AVFI: Fault Injection for Autonomous Vehicles Fault Injection to Measure Resilience of AVs

AVFI: Fault Injection for Autonomous Vehicles Fault Injection to Measure Resilience of AVs

Saurabh Jha, Subho S. Banerjee , James Cyriac, Zbigniew T. Kalbarczyk and Ravishankar K. Iyer Computer Science, Electrical and Computer Engineering AVFI: Fault Injection for Autonomous Vehicles Fault Injection to Measure Resilience of AVs

215 views • 8 slides
VOTD: Integer Overflow Engineering Secure Software Last Revised: August 17, 2020 SWEN-331:

VOTD: Integer Overflow Engineering Secure Software Last Revised: August 17, 2020 SWEN-331:

VOTD: Integer Overflow Engineering Secure Software Last Revised: August 17, 2020 SWEN-331: Engineering Secure Software Benjamin S Meyers 1 What is Integer Overflow? An operation that creates a numeric value outside of the range that can

211 views • 6 slides
VOTD: Time of Check, Time of Use Engineering Secure Software Last Revised: September 1, 2020

VOTD: Time of Check, Time of Use Engineering Secure Software Last Revised: September 1, 2020

VOTD: Time of Check, Time of Use Engineering Secure Software Last Revised: September 1, 2020 SWEN-331: Engineering Secure Software Benjamin S Meyers 1 What is Time of Check, Time of Use? Analogy: Jill asks Dan to have tea ready for her when

383 views • 7 slides
www.adduxi.com HIGH QUALITY INJECTION ADDUXI IS A MANUFACTURER OF HIGH-PRECISION INDUSTRIAL

www.adduxi.com HIGH QUALITY INJECTION ADDUXI IS A MANUFACTURER OF HIGH-PRECISION INDUSTRIAL

HIGH QUALITY INJECTION www.adduxi.com HIGH QUALITY INJECTION ADDUXI IS A MANUFACTURER OF HIGH-PRECISION INDUSTRIAL PARTS. INJECTION MOLDING OF MISCELLANEOUS THERMOPLASTICS. HIGH QUALITY INJECTION MAIN OBJECTIVE: PERFORMANCE BASED ON

745 views • 33 slides
CS327E: Elements of Databases Cybersecurity and SQL Injection Dr. Bill Young Department of

CS327E: Elements of Databases Cybersecurity and SQL Injection Dr. Bill Young Department of

CS327E: Elements of Databases Cybersecurity and SQL Injection Dr. Bill Young Department of Computer Sciences University of Texas at Austin Last updated: October 31, 2016 at 12:21 CS327E SQL Injection Slideset: 1 SQL Injection What Id Like

440 views • 39 slides
VOTD: Buffer Overflow Engineering Secure Software Last Revised: August 17, 2020 SWEN-331:

VOTD: Buffer Overflow Engineering Secure Software Last Revised: August 17, 2020 SWEN-331:

VOTD: Buffer Overflow Engineering Secure Software Last Revised: August 17, 2020 SWEN-331: Engineering Secure Software Benjamin S Meyers 1 What is Buffer Overflow? Writing data outside of the intended buffer (memory space) SWEN-331:

298 views • 6 slides
Blackout: What Really Happened Jamie Butler and Kris Kendall Outline Code Injection Basics

Blackout: What Really Happened Jamie Butler and Kris Kendall Outline Code Injection Basics

Blackout: What Really Happened Jamie Butler and Kris Kendall Outline Code Injection Basics User Mode Injection Techniques Example Malware Implementations Kernel Mode Injection Techniques Advanced Code Injection Detection via

901 views • 60 slides
Polymer Engineering Polymer Engineering (MM3POE) (MM3POE) INJECTION MOULDING INJECTION

Polymer Engineering Polymer Engineering (MM3POE) (MM3POE) INJECTION MOULDING INJECTION

Polymer Engineering Polymer Engineering (MM3POE) (MM3POE) INJECTION MOULDING INJECTION MOULDING http://www.nottingham.ac.uk/~eazacl/MM3POE Injection Moulding 1 Contents Contents Principles of injection moulding Reciprocating

559 views • 29 slides

More recommend