SQL Injection
Presenter : Pham Nhat Anh
What is This?
And How to Defend?
SQL Injection statistics

Risks Posed by SQL Injection
• Confidentiality – SELECT (reading data the application never meant to expose)
• Data integrity – INSERT, DROP, DELETE
• Authentication bypass – ' OR 1=1--
• System compromise – stored procedures, extended …

… prevent SQL Injection correctly
• Input validation and removal of meta-characters (' " ; \ …). On its own this is a blacklist: a numeric parameter needs no quote to inject, so treat it as a supplement, not the fix.
• Parameterized DML
• Stored procedures
• Remove unusual system stored procedures

PARAMETERIZE DML
If DML is a requirement of the application, add parameters to the SQL statements instead of concatenating user input into them:

```csharp
using System.Data;
using System.Data.SqlClient;

// The placeholders (@Username, @Password) travel to the server separately from the
// statement text, so whatever the user typed is bound as a value and never parsed as SQL.
string sql = "SELECT * FROM Users " +
             "WHERE username=@Username " +
             "AND password=@Password";
SqlCommand command = new SqlCommand(sql, connection);
command.Parameters.Add("@Username", SqlDbType.VarChar).Value = UserName.Text;
command.Parameters.Add("@Password", SqlDbType.VarChar).Value = Password.Text;
```

STORED PROCEDURES
• Less vulnerable to SQL injection attacks, provided the procedure body does not itself concatenate its parameters into a dynamic SQL string and EXEC it
• Added security via EXECUTE permission: grant the application login EXECUTE on the procedure only, with no direct rights on the underlying tables

```csharp
using System.Data;
using System.Data.SqlClient;

// The command text is just the procedure name; inputs still go through typed parameters.
SqlCommand command = new SqlCommand("Users_GetUser", connection);
command.CommandType = CommandType.StoredProcedure;
command.Parameters.Add("@Username", SqlDbType.VarChar).Value = UserName.Text;
command.Parameters.Add("@Password", SqlDbType.VarChar).Value = Password.Text;
```

Conclusion
• SQL Injection is one of the most important problems in web application security
• As shown in page 7, the number of vulnerabilities reported … near future
• The solutions for SQL injection are not very complicated, but they require good management to deploy properly
• Don't underestimate SQL injection; tackle the problem in a holistic and systematic approach
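The following is an added example, not code from the slides or from the presenter. It runs the authentication-bypass payload from the Risks slide (' OR 1=1--) against a string-concatenated login query, runs the same payload against the parameterized form, and then shows why the "remove meta-characters" approach fails on a numeric parameter. The deck's code is C#/ADO.NET against SQL Server; Python's bundled sqlite3 module is used here only as a runnable stand-in, and the Users table, its two rows and the credentials are constructed sample data.

```python
"""Added example: concatenated vs. parameterized SQL, and the limits of meta-character
filtering. Uses sqlite3 as a stand-in for the deck's SQL Server / ADO.NET setting."""
import sqlite3


def make_db():
    """Constructed sample data: a two-row Users table (plaintext passwords only to
    mirror the slide's query; a real system stores password hashes)."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE Users (id INTEGER PRIMARY KEY, username TEXT, password TEXT)"
    )
    conn.executemany(
        "INSERT INTO Users (username, password) VALUES (?, ?)",
        [("alice", "s3cret"), ("bob", "hunter2")],
    )
    conn.commit()
    return conn


def login_concat(conn, username, password):
    """Vulnerable: user input is pasted into the statement text, so a quote in the
    input closes the literal and the rest is parsed as SQL."""
    sql = (
        "SELECT * FROM Users WHERE username='" + username
        + "' AND password='" + password + "'"
    )
    return conn.execute(sql).fetchall()


def login_param(conn, username, password):
    """Hardened: same query with placeholders (sqlite uses '?' where ADO.NET uses
    @Name); the input is bound as a value and never reaches the SQL parser."""
    sql = "SELECT * FROM Users WHERE username=? AND password=?"
    return conn.execute(sql, (username, password)).fetchall()


def strip_meta_chars(value):
    """The 'remove some meta chars' idea from the prevention slide: drop ' " ; and \\."""
    return "".join(ch for ch in value if ch not in "'\";\\")


def user_by_id_filtered(conn, raw_id):
    """Still vulnerable: id is numeric, so the attacker needs no quote at all and the
    filter removes nothing from a payload such as '1 OR 1=1'."""
    sql = "SELECT * FROM Users WHERE id=" + strip_meta_chars(raw_id)
    return conn.execute(sql).fetchall()


def user_by_id_param(conn, raw_id):
    """Hardened: validate the expected type (positive integer), then bind it."""
    if not raw_id.isdigit():
        raise ValueError("id must be a positive integer")
    return conn.execute("SELECT * FROM Users WHERE id=?", (int(raw_id),)).fetchall()


def demo():
    """Run every variant once and return the row counts / outcomes for inspection."""
    conn = make_db()
    payload = "' OR 1=1--"  # the bypass string from the Risks slide
    results = {
        "concat_bypass_rows": len(login_concat(conn, payload, "x")),
        "param_bypass_rows": len(login_param(conn, payload, "x")),
        "param_valid_rows": len(login_param(conn, "alice", "s3cret")),
        "filtered_numeric_rows": len(user_by_id_filtered(conn, "1 OR 1=1")),
    }
    try:
        user_by_id_param(conn, "1 OR 1=1")
        results["param_numeric_rejected"] = False
    except ValueError:
        results["param_numeric_rejected"] = True
    return results


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

With the concatenated query the payload turns the WHERE clause into username='' OR 1=1 and comments out the password check, so both users come back without a valid credential; the parameterized query returns nothing for the same input. The numeric case is the reason the prevention slide's meta-character list is a supplement rather than the fix: the filter leaves "1 OR 1=1" untouched, while type validation plus a bound parameter rejects it.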
Posted: 16/01/2014, 19:20