What the best online resource to learn about SQL injection attacks?

Click For Summary

Discussion Overview

The discussion centers around SQL injection attacks, specifically seeking clear definitions and reliable resources for understanding these attacks and securing databases against them. Participants express confusion over the various definitions and methods available online, and inquire about practical security measures for database systems, particularly MySQL.

Discussion Character

  • Exploratory
  • Technical explanation
  • Conceptual clarification
  • Debate/contested
  • Homework-related

Main Points Raised

  • One participant requests a clear and conceptual definition of SQL injection attacks, expressing confusion over the abundance of material available online.
  • Another participant provides a technical definition of SQL injection, describing it as an attack where an attacker modifies SQL statements through authorized channels to achieve unintended effects, emphasizing the importance of understanding this in the context of computer security.
  • A later post reiterates the need for a simple understanding of SQL injection and seeks advice on securing a MySQL database from such attacks.
  • One participant suggests that using prepared statements with parameters is a standard method to secure against SQL injection, cautioning against constructing SQL statements by appending user data directly.
  • Another participant notes that if one is using third-party software, they may be limited in their ability to secure against SQL injection unless they can modify the code or rely on the software authors to address security vulnerabilities.
  • Concerns are raised about the need for thorough code reviews by skilled programmers to identify and rectify potential weaknesses related to SQL injection.

Areas of Agreement / Disagreement

Participants express varying levels of understanding and approaches to SQL injection, with no consensus on a single definition or method for securing databases. The discussion reflects multiple perspectives on the complexity of the issue and the challenges faced by non-programmers in addressing it.

Contextual Notes

Participants highlight the confusion stemming from the variety of definitions and methods available online, indicating a lack of clarity in the existing literature on SQL injection attacks and security practices.

Who May Find This Useful

This discussion may be useful for individuals seeking to understand SQL injection attacks, particularly site administrators or those involved in database management who may not have a programming background.

monero
Messages
2
Reaction score
0
Hallo all,

I need a very conceptual and clear cut definition on sql attacks...there are so many forms of definition and material available on internet that I am just so confused...what the most reliable and authentic source to grasp this info.

Thanks
 
Technology news on Phys.org
Welcome to PF!

If you are asking about what a SQL injection attach is in technical (rather that, say, legal) terms, then I'd say it pretty much covers any situation where an attacker via an authorized channel (i.e. via normal usage of a web form, SOAP call, email, etc) to a back-end system can modify the SQL statements this system issues towards a database in order to achieve a side effect not originally intended or allowed by the system (like updating the database with "malicious" content, leaking information or denying normal service). This should be understood in the general computer security context of being an attack that exploits a weakness in a system for unintended purposes.

If (something) like the above is not what you seek, then perhaps you can tell what it is that confuses you and what you hope to "use" such definition for.
 
Filip Larsen said:
Welcome to PF!

If you are asking about what a SQL injection attach is in technical (rather that, say, legal) terms, then I'd say it pretty much covers any situation where an attacker via an authorized channel (i.e. via normal usage of a web form, SOAP call, email, etc) to a back-end system can modify the SQL statements this system issues towards a database in order to achieve a side effect not originally intended or allowed by the system (like updating the database with "malicious" content, leaking information or denying normal service). This should be understood in the general computer security context of being an attack that exploits a weakness in a system for unintended purposes.

If (something) like the above is not what you seek, then perhaps you can tell what it is that confuses you and what you hope to "use" such definition for.

Thank you for your attention

I read too many articles about this, that made me so confused. I really just want to know simple.

How to secure the database from SQL injection attacks, I do not understand how to maintain the security of a site using database mysq system

Thanks.
 
The usual method of securing your back-end code against SQL injection is to make sure all user data, i.e. all data the back-end receives from non-trusted parties no matter how it got transferred, is included into SQL statements using prepared statements with data inserted as parameters. The usual fallacy (security weakness) to look out for is an SQL statement constructed by textual appending the user data to the statement.

For instance (using Java, in other languages it would be similar) NEVER write

Code: 
  Connection con = ...
  Statement stmt = con.createStatement();
  ResultSet rs = stmt.executeQuery("SELECT * FROM sometable WHERE user = '" + username + "'");
If the variable username is allowed to pass to this code unaltered from the user, he can specify his name as "bob'; delete from sometable where user = 'alice" (without the outermost quotes) and have your system delete data for alice (or something more nasty).

Instead you should write
Code: 
  Connection con = ...
  Statement stmt = con.prepareStatement("SELECT * FROM sometable WHERE user = ?");
  stmt.setString(1, username);
  ResultSet rs = stmt.executeQuery();
where the important part is that you use the database driver to insert the user data in a safe manner (here using stmt.setString()). In general you need to check each SQL statement your back-end code constructs and make sure that it (using the above technique or something similar) do not allow user data to be inserted unchanged.

Other languages/libraries may use slightly more "unsafe" approach where you are to "escape" or "sanitize" variable with user data before you textually append them to your SQL statements. In any case, the key point is to follow the guidelines set forth by database library in order to avoid the possibility of SQL injections.

There are of course other attack types that may involve a database that would not necessarily be classified as an SQL injection (like denial of service, faulty business logic allowing otherwise valid SQL to be executed, information leakage, database driver or application code buffer overflows, date conversion errors, etc) so be on the lookout for other such weaknesses too.
 
monero said:
How to secure the database from SQL injection attacks, I do not understand how to maintain the security of a site using database mysq system

If you're writing your own software (or modifying someone else's), you can secure yourself from SQL injection. If you are using someone else's software and don't know how to change it, or aren't able to, then you're at the mercy of the authors of the software, and cannot guarantee security.

If you're getting tripped up on the descriptions of SQL injection, I'm guessing that you're probably a site admin, but not a programmer. In that case, there's really not much (if anything) you can do, short of getting a programmer to fix the code on your site, or learning how to program yourself, and fixing the code.

Any way you slice it, the problem with SQL injection is the code. Short of having a VERY THOROUGH programmer go through your code and check it for weaknesses, the best you can do is simply keep your copy of the software up to date, and hope that all the security holes are caught.

DaveE
 

Similar threads

Which resources are best for learning assembly language as a beginner?
  • · Replies 16 ·
Replies
16
Views
4K
Other Is having bad resources from university normal?
  • · Replies 27 ·
Replies
27
Views
2K
Fortran Learn Fortran: Best Way, Textbooks & Resources
  • · Replies 7 ·
Replies
7
Views
7K
Classical What Are the Best Resources for Learning Electromagnetic Scattering?
  • · Replies 2 ·
Replies
2
Views
2K
Chemical Forums down, or how I learned what slowloris is
  • · Replies 8 ·
Replies
8
Views
1K
What Are the Best Online Physics Learning Tools and Resources?
  • · Replies 31 ·
2
Replies
31
Views
41K
Other Relearning Math: Comparing Resources for the Best Learning Experience
  • · Replies 38 ·
2
Replies
38
Views
12K
Looking for learning resources for Computer Operating Systems
  • · Replies 4 ·
Replies
4
Views
4K
Comp Sci Confusions about Hopfield neural networks -- Questions about this solved example
  • · Replies 1 ·
Replies
1
Views
1K
Graduate Resource for learning about D and H
  • · Replies 19 ·
Replies
19
Views
3K