Join the social network of Tech Nerds, increase skill rank, get work, manage projects...
 
  • SQL Injection Attacks

    • 0
    • 0
    • 0
    • 0
    • 0
    • 0
    • 0
    • 0
    • 2.78k
    Comment on it

    SQL Injection Attacks

     

    The sensitive information in database of an organization can be stolen through sql injection attack by hackers. These attacks are often referred to as front end attack which takes place due to inappropriate coding. In these attacks SQL commands using sql statements are inserted in the code by hackers.


    These attacks takes place as database can be queried directly through the fields which are available for user inputs These user input fields allows sql statements to easily pass through.

     

    SQL Injection: A Simple Example  

     

    Create a table "tblemployee" :-

     

    Create table tblemployee
    (
     employeeName varchar(50) primary key,
     employeepwd varchar(50),
     address varchar(100)
    )
     

     

    Inserting values into tblemployee :-

     

    insert into tblemployee(employeeName,employeepwd,address)values('deepak','123456','Delhi');
    insert into tblemployee(employeeName,employeepwd,address)values('vaibhav','123456','Noida');
    insert into tblemployee(employeeName,employeepwd,address)values('suraj','123456','Gurgaon');
    insert into tblemployee(employeeName,employeepwd,address)values('arnesh','123456','Delhi');

     

    In Asp.net two textboxes are defined one for employeename and other for employee password in order to check user credentials.

     

    The following query string is to be executed in Asp.net :-

     

    "SELECT * FROM tblemployee WHERE employeeName = '"+ txtEmployeeName.text +"' and employeepwd = '"+ txtPwd.text +"'"; 

     

    Now for injection attack hacker will pass following input to textboxes :-

     

    "SELECT * FROM tblemployee WHERE employeeName = ';Drop table tblemployee --' and employeepwd = '12345678'";

     

    In above querystring txtEmployeeName.text is ;Drop table tblemployee -- and txtPwd.text is 12345678.

     

    A soon as semicolon is encountered in above querystring it will break the current sql statement.

     

    SELECT * FROM tblemployee WHERE employeeName = '' becomes one statement whereas statement after ; Drop table tblemployee becomes another statement leading to droping of table tblemployee from database and database becomes unmanageable.

     


    Solution for SQL Injection Attack

     

    • SQL statement should be build using SqlParameter for defining the Parameter Name, type, and value instead of defining a straight command.
    • CommandType should be specified  as Text or Stored Procedure in asp.net query.
    • If stored procedure are being used, sp_executesql command should be used instead of Exec command.
    • Another solution to stop SQL injection attack is filtering of the user input for SQL characters. A single apostrophe can be replaced with additional apostrophe using REPLACE function. Two consecutive single quotation marks are treated as an apostrophe character instance within the string. 

 0 Comment(s)

Sign In
                           OR                           
                           OR                           
Register

Sign up using

                           OR                           
Forgot Password
Fill out the form below and instructions to reset your password will be emailed to you:
Reset Password
Fill out the form below and reset your password: