Injection flaws are ranked at number 2 on OWASP's Top 10 2007 list for the most common web application vulnerabilities, and SQL injection is the most commonly exploited injection flaw.
What is SQL Injection?
SQL injection is a type of hack that can be performed when a web application accepts input from a user (such as a user name or password). Instead of typing valid data, the hacker will use characters that are part of the SQL syntax. This way, the hacker can construct his or her own database query, and maybe gain more information about the database that can be used for more harmful attacks. Sometimes it is even possible to log into a system using SQL injection. I found a video example of this on YouTube, and you can view it below.
Video Example
Who is Vulnerable?
Any web application that uses user input as part of a database query is susceptible to a SQL injection hack.
How Can These Attacks be Prevented?
Although SQL injection vulnerabilities are still relatively common, they are easy to fix. The first rule of thumb is to ALWAYS validate user input on the server side. As the above video demonstrates, client-side JavaScript data validation is not enough because users can get around it if they really want to. Second, a query containing user input should never be executed without first being prepared in some way. In Java, this means using a PreparedStatement object. If the web application is written in PHP with a MySQL database, use the mysql_real_escape_string() function. Last, the web server needs to be configured so that error pages do not reveal information about the inner workings of the web application (i.e. table names, row names). Hackers would love to get their hands on this type of information.
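The three rules above (server-side validation, prepared/parameterized queries, and error pages that reveal nothing) are shown here side by side in a small Python example using the standard-library sqlite3 module. This is an added illustration, not code from the original post; the post talks about Java's PreparedStatement and PHP's mysql_real_escape_string(), but the idea of binding user input as a parameter rather than splicing it into the SQL text is the same in every language. The users table, the account "alice" and the function names are all constructed for the demo.

```python
import re
import sqlite3


def make_demo_db():
    """Build a constructed in-memory users table with a single demo account."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password TEXT)"
    )
    # Plain-text password only because this is a throwaway demo table.
    conn.execute(
        "INSERT INTO users (username, password) VALUES ('alice', 'correct-horse')"
    )
    conn.commit()
    return conn


def login_vulnerable(conn, username, password):
    """The broken pattern: user input is concatenated straight into SQL.

    Whatever the user types becomes part of the query's syntax, so quotes
    and keywords in the input change the meaning of the WHERE clause.
    """
    sql = (
        "SELECT id FROM users WHERE username = '" + username
        + "' AND password = '" + password + "'"
    )
    return conn.execute(sql).fetchone() is not None


def login_parameterized(conn, username, password):
    """The prepared-statement pattern: placeholders keep input as data.

    The database receives the SQL text and the values separately, so the
    input can never be interpreted as SQL syntax (same idea as Java's
    PreparedStatement).
    """
    sql = "SELECT id FROM users WHERE username = ? AND password = ?"
    return conn.execute(sql, (username, password)).fetchone() is not None


# Server-side validation rule: usernames are short and alphanumeric.
# This is an assumption for the demo; pick a rule that fits your application.
USERNAME_RE = re.compile(r"^[A-Za-z0-9_]{1,32}$")


def validate_username(username):
    """Return True only if the username matches the allowed pattern."""
    return bool(USERNAME_RE.match(username))


def login_hardened(conn, username, password):
    """Validate on the server, bind parameters, and never leak DB errors."""
    if not validate_username(username):
        return False
    try:
        return login_parameterized(conn, username, password)
    except sqlite3.Error:
        # A real application would log the exception internally; the user
        # only ever sees a generic failure, never table or column names.
        return False


if __name__ == "__main__":
    db = make_demo_db()
    # Constructed input containing SQL syntax characters, as the post describes.
    crafted = "' OR '1'='1"
    print("vulnerable   :", login_vulnerable(db, "alice", crafted))
    print("parameterized:", login_parameterized(db, "alice", crafted))
    print("hardened     :", login_hardened(db, "alice", crafted))
    print("real password:", login_hardened(db, "alice", "correct-horse"))
```

Running the script shows the concatenated version accepting the crafted input (because the quote characters close the string literal and the rest is parsed as SQL), while both the parameterized and the hardened versions reject it and only the real password logs in. The hardened version also demonstrates the third rule: a database exception is caught and turned into a plain "login failed", so no internal details reach the browser.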
Resources