1. One reasearch database injection attack,research and discuss
the mitigation for that specific threat.
Please show Citation
2. Describe an instance of a data breach that has been made public
in the news.
Describe the cause of the breach.
Investigate what mitigation could have been put in place to avoid the data breach.
question1).
One reasearch database injection attack,research and discuss the
mitigation for that specific threat.
Please show Citation.
answer)
SQL INJECTION ATTACT
SQL Injection (SQLi) is an injection attack where an attacker executes malicious SQL statements to control a web application’s database server, thereby accessing, modifying and deleting unauthorized data.
In the early days of the internet, building websites was a simple process: no JavaScript, no, CSS and few images. But as the websites gained popularity the need for more advanced technology and dynamic websites grew. This led to the development of server-side scripting languages like JSP and PHP. Websites started storing user input and content in databases. MySQL became the most popular and standardized language for accessing and manipulating databases. However, hackers found new ways to leverage the loopholes present in SQL technology. SQL Injection attack is one of the popular ways of targeting databases. SQL Injection targets the databases using specifically crafted SQL statements to trick the systems into doing unexpected and undesired things.
What can SQL Injection do?
There are a lot of things an attacker can do when exploiting an SQL injection on a vulnerable website. By leveraging an SQL Injection vulnerability, given the right circumstances, an attacker can do the following things:
It all depends on the capability of the attacker, but sometimes an SQL Injection attack can lead to a complete takeover of the database and web application. Now, how does an attacker achieve that?
How do SQL Injection attacks work?
A developer usually defines an SQL query to perform some database action necessary for his application to function. This query has one or two arguments so that only desired records are returned when the value for that argument is provided by a user.
An SQL Injection attack plays out in two stages:
EXAMPLE
Consider the following example in which a website user is able to change the values of ‘$user’ and ‘$password’, such as in a login form:
1$statement ="SELECT * FROM user where username = '$user' AND password '$passw' "
This particular SQL statement is passed to a function which in turn sends the string to the connected database where it is parsed, executed and returns a result.
#Define POST variables
uname =
request.POST[
'username'
]
passwd =
request.POST[
'password'
]
#SQL query vulnerable to SQLi
sql = “SELECT id FROM users WHERE username=’” + uname + “’
AND password=’” + passwd + “’”
#Execute the SQL statement
database.execute(sql)
Now, if the input is not properly sanitized but the application, the attacker can easily insert carefully crafted value as input. For example something like:
1$statement ="SELECT * FROM user where username = 'dean' OR '1'='1'- -' AND password ='Winchesters' ";
So, what’s happening here? The highlighted part is the attacker’s input, it contains 2 special parts:
Once the query executes, the SQL injection effectively removes the password verification, resulting in an authentication bypass. The application will most likely log the attacker in with the first account from the query result — the first account in a database is usually of an administrative user.
Note that this is just one way of exploiting the SQL Queries to get the necessary information in an unofficial way. SQL Injection attacks are divided into multiple types.
question2).
Describe an instance of a data breach that has been made public
in the news.
Describe the cause of the breach.
Investigate what mitigation could have been put in place to avoid the data breach.
answer)
an instance of a data breach that has been made public in the news.
mitigation could have been put in place to avoid the data breach.
Get Answers For Free
Most questions answered within 1 hours.