Justin Clarke - SQL Injection Attacks and Defense


Justin Clarke - SQL Injection Attacks and Defense
  • Book: SQL Injection Attacks and Defense
  • Author: Justin Clarke
  • Publisher: Syngress
  • Genre: Computer
  • Year: 2012
SQL Injection Attacks and Defense: summary, description and annotation


SQL Injection Attacks and Defense, First Edition: Winner of the Best Book Bejtlich Read Award.

"SQL injection is probably the number one problem for any server-side application, and this book is unequaled in its coverage." - Richard Bejtlich, Tao Security blog

SQL injection represents one of the most dangerous and well-known, yet misunderstood, security vulnerabilities on the Internet, largely because there is no central repository of information available for penetration testers, IT security consultants and practitioners, and web/software developers to turn to for help. SQL Injection Attacks and Defense, Second Edition is the only book devoted exclusively to this long-established but recently growing threat. This is the definitive resource for understanding, finding, exploiting, and defending against this increasingly popular and particularly destructive type of Internet-based attack.

SQL Injection Attacks and Defense, Second Edition includes all the currently known information about these attacks and significant insight from its team of SQL injection experts, who tell you about:

  • Understanding SQL injection: what it is and how it works
  • Finding, confirming and automating SQL injection discovery
  • Tips and tricks for finding SQL injection within code
  • Creating exploits using SQL injection
  • Designing apps to avoid the dangers of these attacks
  • SQL injection on different databases
  • SQL injection on different technologies
  • SQL injection testing techniques
  • Case studies

Securing SQL Server, Second Edition is the only book to provide a complete understanding of SQL injection, from the basics of vulnerability to discovery, exploitation, prevention, and mitigation measures. It covers unique, publicly unavailable information, by technical experts in such areas as Oracle, Microsoft SQL Server, and MySQL, including new developments for Microsoft SQL Server 2012 (Denali).

Written by an established expert, author, and speaker in the field, with contributions from a team of equally renowned creators of SQL injection tools, applications, and educational materials.


Acknowledgements

Justin would like to thank the Syngress editing team (and especially Chris Katsaropoulos and Heather Scherer) for once again being willing to take on a book which (in the publishing industry) has a ridiculous number of authors involved. He'd also like to thank, in his role as chief cat-herder, the author team for all pulling together to get this project completed.

Chapter 1
What Is SQL Injection?

Dave Hartley

Solutions in this chapter:

Understanding How Web Applications Work

Understanding SQL Injection

Understanding How It Happens

Introduction

People say they know what SQL injection is, but all they have heard about or experienced are trivial examples. SQL injection is one of the most devastating vulnerabilities that can impact a business, as it can lead to exposure of all of the sensitive information stored in an application's database, including handy information such as usernames, passwords, names, addresses, phone numbers, and credit card details.

So, what exactly is SQL injection? It is the vulnerability that results when you give an attacker the ability to influence the Structured Query Language (SQL) queries that an application passes to a back-end database. By being able to influence what is passed to the database, the attacker can leverage the syntax and capabilities of SQL itself, as well as the power and flexibility of supporting database functionality and operating system functionality available to the database. SQL injection is not a vulnerability that exclusively affects Web applications; any code that accepts input from an untrusted source and then uses that input to form dynamic SQL statements could be vulnerable (e.g. fat client applications in a client/server architecture). In the past, SQL injection was more typically leveraged against server-side databases; however, with the current HTML5 specification, an attacker could equally execute JavaScript or other code in order to interact with a client-side database to steal data. Similarly, with mobile applications (such as on the Android platform), malicious applications and/or client-side script can be leveraged in similar ways (see labs.mwrinfosecurity.com/notices/webcontentresolver/ for more info).

SQL injection has probably existed since SQL databases were first connected to Web applications. However, Rain Forest Puppy is widely credited with its discovery, or at least with bringing it to the public's attention. On Christmas Day 1998, Rain Forest Puppy wrote an article titled "NT Web Technology Vulnerabilities" for Phrack (www.phrack.com/issues.html?issue=54&id=8#article), an e-zine written by and for hackers. Rain Forest Puppy also released an advisory on SQL injection ("How I hacked PacketStorm", located at www.wiretrip.net/rfp/txt/rfp2k01.txt) in early 2000 that detailed how SQL injection was used to compromise a popular Web site. Since then, many researchers have developed and refined techniques for exploiting SQL injection. However, to this day many developers and security professionals still do not understand it well.

In this chapter, we will look at the causes of SQL injection. We will start with an overview of how Web applications are commonly structured to provide some context for understanding how SQL injection occurs. We will then look at what causes SQL injection in an application at the code level, and what development practices and behaviors lead us to this.

Understanding How Web Applications Work

Most of us use Web applications on a daily basis, either as part of our vocation or in order to access our e-mail, book a holiday, purchase a product from an online store, view a news item of interest, and so forth. Web applications come in all shapes and sizes.

One thing that Web applications have in common, regardless of the language in which they were written, is that they are interactive and, more often than not, are database-driven. Database-driven Web applications are very common in today's Web-enabled society. They normally consist of a back-end database with Web pages that contain server-side script written in a programming language that is capable of extracting specific information from a database depending on various dynamic interactions with the user. One of the most common applications for a database-driven Web application is an e-commerce application, where a variety of information is stored in a database, such as product information, stock levels, prices, postage and packing costs, and so on. You are probably most familiar with this type of application when purchasing goods and products online from your e-retailer of choice. A database-driven Web application commonly has three tiers: a presentation tier (a Web browser or rendering engine), a logic tier (a programming language, such as C#, ASP, .NET, PHP, JSP, etc.), and a storage tier (a database such as Microsoft SQL Server, MySQL, Oracle, etc.). The Web browser (the presentation tier, such as Internet Explorer, Safari, Firefox, etc.) sends requests to the middle tier (the logic tier), which services the requests by making queries and updates against the database (the storage tier).

Take, for example, an online retail store that presents a search form that allows you to sift and sort through products that are of particular interest, and provides an option to further refine the products that are displayed to suit financial budget constraints. To view all products within the store that cost less than $100, you could use the following URL:

http://www.victim.com/products.php?val=100

The following PHP script illustrates how the user input (val) is passed to a dynamically created SQL statement. This section of the PHP code is executed when the URL is requested (the book's deliberately unsafe example, reproduced as written; the mysql_* extension it uses was removed in PHP 7):

```php
<?php
// connect to the database
$conn = mysql_connect("localhost", "username", "password");

// dynamically build the sql statement with the input
// (the request value is concatenated straight into the SQL text)
$query = "SELECT * FROM Products WHERE Price < '$_GET[val]' " .
         "ORDER BY ProductDescription";

// execute the query against the database
$result = mysql_query($query);

// iterate through the record set
while ($row = mysql_fetch_array($result, MYSQL_ASSOC))
{
    // display the results to the browser
    echo "Description : {$row['ProductDescription']} <br>" .
         "Product ID : {$row['ProductID']} <br>" .
         "Price : {$row['Price']} <br><br>";
}
?>
```

The following code sample more clearly illustrates the SQL statement that the PHP script builds and executes. The statement will return all of the products in the database that cost less than $100. These products will then be displayed and presented to your Web browser so that you can continue shopping within your budget constraints. In principle, all interactive database-driven Web applications operate in the same way, or at least in a similar fashion:

```sql
SELECT *
FROM Products
WHERE Price < '100.00'
ORDER BY ProductDescription;
```
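As an added example that is not from the book, the same product search written in Python against an in-memory SQLite table (standing in for MySQL; table contents are constructed for the example), with the book's string-built query beside a type-checked, parameterized version. A stray single quote in `val` is enough to show the difference: the concatenated query becomes malformed SQL, while the hardened version rejects the value before any SQL is built.

```python
import sqlite3

def make_db():
    """Constructed in-memory stand-in for the book's Products table (SQLite, not MySQL)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE Products (ProductID INTEGER, ProductDescription TEXT, Price REAL)")
    conn.executemany("INSERT INTO Products VALUES (?, ?, ?)",
                     [(1, "Keyboard", 45.00), (2, "Monitor", 180.00), (3, "Mouse", 15.50)])
    return conn

def build_query_unsafe(val):
    # Same construction as the PHP script: the raw request value is pasted into the SQL
    # text, so whatever the user sends becomes part of the statement's grammar.
    return ("SELECT ProductID, ProductDescription FROM Products "
            f"WHERE Price < '{val}' ORDER BY ProductDescription")

def search_unsafe(conn, val):
    return [row[1] for row in conn.execute(build_query_unsafe(val))]

def search_safe(conn, val):
    # Hardened form: enforce the expected type, then pass the value as a bound parameter.
    # The statement text is fixed; the driver sends the value separately, so it is only
    # ever compared as a number and can never change the query structure.
    try:
        price = float(val)
    except ValueError:
        raise ValueError(f"val must be numeric, got {val!r}") from None
    rows = conn.execute("SELECT ProductID, ProductDescription FROM Products "
                        "WHERE Price < ? ORDER BY ProductDescription", (price,))
    return [row[1] for row in rows]

def outcome(search, conn, val):
    """Run a search and report ('ok', names) or ('error', exception type) for comparison."""
    try:
        return ("ok", search(conn, val))
    except (sqlite3.Error, ValueError) as exc:
        return ("error", type(exc).__name__)

if __name__ == "__main__":
    db = make_db()
    # A normal value: both versions return the products priced under 100.
    print(outcome(search_unsafe, db, "100"), outcome(search_safe, db, "100"))
    # A stray quote: the string-built query is now broken SQL (the database parsed the
    # input as syntax), while the safe version refuses it as non-numeric up front.
    print(outcome(search_unsafe, db, "100'"), outcome(search_safe, db, "100'"))
```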

A Simple Application Architecture

As noted earlier, a database-driven Web application commonly has three tiers: presentation, logic, and storage. To help you better understand how Web application technologies interact to present you with a feature-rich Web experience, Figure 1.1 illustrates the simple three-tier example that I outlined previously.


Figure 1.1 Simple Three-Tier Architecture

The presentation tier is the topmost level of the application. It displays information related to such services as browsing merchandise, purchasing, and shopping cart contents, and it communicates with other tiers by outputting results to the browser/client tier and all other tiers in the network. The logic tier is pulled out from the presentation tier, and as its own layer, it controls an application's functionality by performing detailed processing. The data tier consists of database servers. Here, information is stored and retrieved. This tier keeps data independent from the application logic. As Figure 1.1 shows, the Web browser (presentation) sends requests to the middle tier (logic), which services them by making queries and updates against the database (storage). A fundamental rule in a three-tier architecture is that the presentation tier never communicates directly with the data tier; in a three-tier model, all communication must pass through the middleware tier. Conceptually, the three-tier architecture is linear.

