Do you really believe your data is safe?
Here is an example of a severe security breach that will make you think otherwise:<\/p>\n\n\n\n
\u201cApril 15th 2016, 11.5 million<\/strong> documents were leaked that had details about financial and attorney\u2013client information for more than 214,488 offshore entities<\/strong>. The Panama Paper leak named 12<\/strong> current or former world leaders; 128 <\/strong>other public officials and politicians; and hundreds of celebrities, businessmen, and other wealthy individuals of over 200 countries<\/strong>.\u201d<\/p>\n\n\n\n This is simply a small example out of thousands of security compromised situations. Still believe your credit and debit card details are safe? What about your personal details like your passport number?<\/p>\n\n\n\n SQL Injection is seen to be once again listed as the top OWASP (Open Web Application Security Project) vulnerability.\u00a0<\/p>\n\n\n\n SQL injection is an attack technique used by hackers to steal data from organizations by targeting web-based applications.<\/p>\n\n\n\n Hackers take advantage of improper coding styles or insufficient database privileges assigned to users who access this database. This allows attackers to tamper with or even delete existing data<\/strong>, spoof identity<\/strong>, change administrative rights and in some cases void transactions<\/strong> and change balances<\/strong>. A Blind SQL injection attack doesn\u2019t reveal data directly from the database being targeted. The attacker makes different SQL queries that ask the database TRUE<\/strong> or FALSE <\/strong>questions. Then they analyze differences in responses between TRUE<\/strong> and FALSE<\/strong> statements. It is the most popular type of SQL injection. This type of attack uses the UNION<\/strong> statement to obtain data from the database. The UNION <\/strong>keyword lets you execute one or more additional SELECT<\/strong> queries and append the results to the original query. An error-based SQL injection is the simplest type. In this attack, we cause an application to show an error to extract the database. Normally, you ask a question to the database, and it responds with an error including the data you asked for.<\/p>\n\n\n\n Let’s look at a very simple SQL Injection technique. The query for doing so would look like this: Where ‘uname’ is the variable that stores the input you type in the username field, and ‘pass’ is the variable that stores the password you type in the password field. The query looks pretty good and will definitely work, but the truth is that it\u2019s ridiculously insecure.<\/p>\n\n\n\n Consider in the username and password field you type in the following:<\/p>\n\n\n\n So now, the query ends up looking like this: The statement 1=1<\/strong> is always TRUE<\/strong>. Since there is a \u2018OR<\/strong>\u2019 statement, it doesn\u2019t matter if the username or password given is wrong and logging in with wrong credentials ends up as a success.<\/p>\n\n\n\n Not to worry though, sites nowadays are highly resistive to such an attack and have taken major precautions to prevent a variety of different SQL Injection attacks.<\/p>\n\n\n\n Prevention measures include form validation, restricting access and simply writing better code. SQL Injections are seen to be one of the most classic attacks used by attackers to gain sensitive information. – An article by Meghna Kashyap, 3rd Year Information Technology<\/em><\/strong><\/p>\n","protected":false},"excerpt":{"rendered":" In this era of Information Technology where ‘Data is the King’, how secure is your data?<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_exactmetrics_skip_tracking":false,"_exactmetrics_sitenote_active":false,"_exactmetrics_sitenote_note":"","_exactmetrics_sitenote_category":0,"footnotes":""},"categories":[25,10],"tags":[232,229,234,228,230,231,235,236,227,233],"class_list":["post-864","post","type-post","status-publish","format-standard","hentry","category-sanganitra","category-tech","tag-blind-sql-injection","tag-data","tag-error-based-sql-injection","tag-injection","tag-leak","tag-owasp","tag-password","tag-secure","tag-sql","tag-union-based-sql-injection"],"_links":{"self":[{"href":"https:\/\/nitk.acm.org\/blog\/wp-json\/wp\/v2\/posts\/864","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/nitk.acm.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nitk.acm.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nitk.acm.org\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/nitk.acm.org\/blog\/wp-json\/wp\/v2\/comments?post=864"}],"version-history":[{"count":6,"href":"https:\/\/nitk.acm.org\/blog\/wp-json\/wp\/v2\/posts\/864\/revisions"}],"predecessor-version":[{"id":870,"href":"https:\/\/nitk.acm.org\/blog\/wp-json\/wp\/v2\/posts\/864\/revisions\/870"}],"wp:attachment":[{"href":"https:\/\/nitk.acm.org\/blog\/wp-json\/wp\/v2\/media?parent=864"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nitk.acm.org\/blog\/wp-json\/wp\/v2\/categories?post=864"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nitk.acm.org\/blog\/wp-json\/wp\/v2\/tags?post=864"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}SQL Injection<\/h2>\n\n\n\n
How Exactly Is It Implemented?<\/h2>\n\n\n\n
SQL injection arises because user input fields – if not checked correctly at the application – allow SQL statements to pass through and directly alter or retrieve information from the database.<\/p>\n\n\n\n
In short, someone could steal your identity, all your money in a day and you could pretty much become nonexistent in the world!<\/p>\n\n\n\nDifferent Types of SQL Injections<\/strong>
<\/h2>\n\n\n\nBlind SQL Injection<\/strong><\/h3>\n\n\n\n
Blind SQL Injections are often used to build the database schema and get all the data in the database. This is done using brute force techniques and requires many requests but may be automated by attackers using SQL Injection tools.<\/p>\n\n\n\nUnion-Based SQL Injection<\/strong><\/h3>\n\n\n\n
In order to implement this attack, some amount of information such as number of columns of the table, data types etc. have to be known beforehand.<\/p>\n\n\n\nError-Based SQL Injection<\/strong><\/h3>\n\n\n\n
Consider logging in to a site.<\/p>\n\n\n\n
SELECT * FROM User WHERE username = uname AND password = pass<\/strong><\/p>\n\n\n\nUsername<\/strong><\/td> JakePeralta<\/em><\/td><\/tr> Password<\/strong><\/td> \u2018\u2019 OR 1=1<\/em><\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n
SELECT * FROM User WHERE username = \u2018JakePeralta\u2019 AND <\/strong>
password = \u2018\u2019 OR 1=1<\/strong><\/p>\n\n\n\nConclusion<\/h2>\n\n\n\n
Though nowadays all websites are built keeping in mind a variety of threats, highly complex SQL injections can still pose a danger to the security of any website.<\/p>\n\n\n\n