Abstract
SQL Injection (SQLi) is a code injection vulnerability that allows attackers to manipulate the queries an application sends to its database. It is one of the most common and dangerous vulnerabilities in web applications. This report explores SQLi in the context of MITRE ATT&CK Technique T1190 – Exploit Public-Facing Application – to help understand, detect, and mitigate such attacks.
Introduction
SQL Injection (SQLi) occurs when untrusted input is inserted into an SQL query without proper sanitization. It enables attackers to bypass authentication and to access, modify, or delete database data. Historically, SQLi has been responsible for some of the largest data breaches, and it remains relevant today because of the widespread use of SQL databases.
MITRE ATT&CK Mapping
SQLi maps to MITRE ATT&CK Technique ID T1190 – Exploit Public-Facing Application. Adversaries exploit vulnerabilities in Internet-facing systems to gain initial access.
Reference: https://attack.mitre.org/techniques/T1190
Types of SQL Injection
● Classic/Basic SQLi: Injection through form fields or URL parameters, where the effect of the payload is directly visible in the response. Example: ' OR '1'='1
● Blind SQLi: No visible errors or data; information is inferred from the application's true/false behavior.
● Time-Based Blind SQLi: The server's response time indicates whether the payload condition held.
● Union-Based SQLi: Uses a UNION SELECT to append rows from other tables to the original query's result set.
● Error-Based SQLi: Uses database error messages to extract data.
● Out-of-Band SQLi: Uses alternate channels such as DNS or HTTP requests issued by the database server to extract data.
Example SQL Injection payload in a login query. The application builds its query by concatenating the submitted username and password into the SQL text:
SELECT * FROM users WHERE username = 'admin' AND password = '1234';
Submitting the payload ' OR '1'='1 -- as the username turns the query into:
SELECT * FROM users WHERE username = '' OR '1'='1 --' AND password = '1234';
The condition '1'='1 is always true and the -- sequence comments out the password check, so the query returns user rows without valid credentials.
Testing Methods
Common tools and methods for detecting SQLi:
● SQLMap – Automated SQLi testing
● Burp Suite – Web proxy for intercepting and modifying requests
● Nmap + NSE Scripts – Service detection
● Manual Payloads – e.g., ' OR 1=1 --
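A defender-side complement to the testing tools listed above: the following Python script, added here as an example and not part of the original report, scans web-server access-log lines for the payload shapes the report names (the ' OR '1'='1 tautology, UNION SELECT, time-based delay functions, and the -- comment terminator) and reports the source IP of each suspicious request. The log lines, the log format, and the pattern set are constructed for illustration; a production detector would tune the patterns to its own application.

```python
import re
from urllib.parse import unquote_plus

# Constructed sample access-log lines in combined-log style (not real traffic).
SAMPLE_LOG = """\
10.0.0.5 - - [01/Jan/2024:10:00:01 +0000] "GET /login?user=alice&pass=secret HTTP/1.1" 200 512
10.0.0.9 - - [01/Jan/2024:10:00:02 +0000] "GET /login?user=%27%20OR%20%271%27%3D%271%20-- HTTP/1.1" 200 5120
10.0.0.9 - - [01/Jan/2024:10:00:03 +0000] "GET /item?id=1%20UNION%20SELECT%20name%20FROM%20users HTTP/1.1" 500 231
10.0.0.9 - - [01/Jan/2024:10:00:04 +0000] "GET /item?id=1%20AND%20SLEEP(5) HTTP/1.1" 200 231
10.0.0.7 - - [01/Jan/2024:10:00:05 +0000] "GET /search?q=o%27reilly HTTP/1.1" 200 1024
"""

# One regex per injection class named in the report, applied to the URL-decoded request target.
PATTERNS = {
    "tautology": re.compile(r"'\s*or\s*'?\d+'?\s*=\s*'?\d+", re.I),          # ' OR '1'='1 / ' OR 1=1
    "union": re.compile(r"\bunion\b\s+(all\s+)?select\b", re.I),            # UNION SELECT
    "time_based": re.compile(r"\b(sleep|benchmark|pg_sleep)\s*\(", re.I),   # delay functions
    "comment_terminator": re.compile(r"(--|#|/\*)\s*$"),                     # trailing comment
}

# Minimal parser for the constructed log format: ip, timestamp, method, target, status, size.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\d+)'
)


def classify_request(target: str) -> list[str]:
    """Return the names of the injection patterns found in a request target.

    The target is URL-decoded first so that %27 (') and %20 (space) are seen
    as the attacker intended them to reach the application.
    """
    decoded = unquote_plus(target)
    return [name for name, rx in PATTERNS.items() if rx.search(decoded)]


def scan_log(text: str) -> list[dict]:
    """Scan log text and return one finding per request that matches a pattern."""
    findings = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that do not parse rather than guessing
        hits = classify_request(m["target"])
        if hits:
            findings.append({
                "ip": m["ip"],
                "time": m["ts"],
                "target": unquote_plus(m["target"]),
                "patterns": hits,
                "status": int(m["status"]),
            })
    return findings


def sources(findings: list[dict]) -> dict[str, int]:
    """Count suspicious requests per source IP for a quick triage view."""
    counts: dict[str, int] = {}
    for f in findings:
        counts[f["ip"]] = counts.get(f["ip"], 0) + 1
    return counts


if __name__ == "__main__":
    results = scan_log(SAMPLE_LOG)
    for f in results:
        print(f"{f['time']} {f['ip']} {f['status']} {f['patterns']} {f['target']}")
    print("per-source counts:", sources(results))
```

Note that the legitimate request for o'reilly contains a single quote but matches none of the patterns; a detector that alerts on quotes alone produces noise, so the patterns key on the operator or function that follows the quote.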
Prevention Techniques
● Parameterized Queries / Prepared Statements
● Use of ORMs (Object Relational Mappers)
● Strict Input Validation (Whitelisting)
● Least Privilege Principle
● Web Application Firewall (WAF)
Case Studies
Sony Pictures Hack (2011): SQLi was used to leak user data.
Heartland Payment Systems (2008): SQLi contributed to a breach affecting over 100 million records.
Diagram: SQL Injection Process
The diagram below illustrates the flow of a SQL Injection attack. It begins with user input, such as from a login form, which is processed by the application without proper validation. Malicious SQL code is inserted into the query and executed by the database, potentially leading to the exposure, modification, or deletion of sensitive data.
Screenshot: SQLMap Testing
The following screenshot shows an example run of SQLMap, an automated SQL Injection testing tool. In this simulated case, SQLMap detects a UNION-based SQL injection vulnerability in the 'user' parameter and successfully retrieves the names of the databases from the target server.