Mumbai University > Information Technology > Sem 5 > Advanced Database Management System

Marks: 10M

Year: Dec 2015

SQL injection is a type of security attack on an organization’s database. In this attack, a string is attached by the attacker to an SQL command that forwards or retrieve data from the database. This is advantageous for attacker, as she/he may get unauthorised access to database or sensitive information.

1) SQL Manipulation:- if an application directly passes login credentials database, its prone to an SQL injection attack through SQL manipulation for e.g. We can take addition of a certain condition to the WHERE CLAUSE in an SQL query. This may skip the authentication procedure, & thus may give access to all activities that user can perform.

Select * from user_db WHERE username = ‘ Adam’ & PASSWORD = ‘Adampass’. Attacker has knowledge of username only he/she may change the previous statement as follows:- Select * from users_db WHERE username = ‘adam’ and (PASSWORD= ‘Adampass’ or (‘a’= ‘a’) Authentication will be. Skipped & db access may be granted to attacker.

2) Code injection:- adding more SQL statements to an SQL statement in an attempt to obtain access rights or some sensitive information is termed as code injection. This is another type SQL injection attack take advantage of some kind of bug that appears in the computer system due to invalid data processing. Intention of changing the course of query execution can be there by adding SQL statements.

3) Function call injection: - In this attacker inserts a call. The attacker may also get permission for making system calls through function call injection.

Risk associated with SQL injection attacks are:-

• Database Fingerprint: - Determining the type of database being used at backend may help attacker in quenching database specific attacks through SQL injection, the attackers may determine database that an organization user.
• Denial of services in an SQL injection attack, the database service can be flooded with requested by attacker. There’re, it would state rejecting the requests o segments users.
• Authentication bypass:- manipulation of SQL statements may result in by passing the authentication process thereby providing the attacker with access to database.
• Injectable parameter identification:- SQL injection attacks help an author in identifying the type & structure of database used at backend of a web application.
• The identification of injectable parameters is mainly carried out from default error page that contains excessive description of an application.
• Remote commands execution: - SQL injection attacks can be used to execute commands remoter the attackers may execute arbitrary commands on a database.
• Privilege Escalation performance: - A malicious person can take advantage of the flaws present in a database by upgrading the access levels of an individual who is not authorised for higher level roles.