IsaacShoebottom/Notes
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Renormalize files

Browse Source
This commit is contained in:
Isaac Shoebottom
2025-01-07 19:27:29 -04:00
parent 2bf7d29931
commit f34e528b5a
112 changed files with 12951 additions and 12951 deletions
Download Patch File Download Diff File Expand all files Collapse all files

46
UNB/Year 4/Semester 1/CS2418/10-23-2023.md
View File

@ -1,23 +1,23 @@
Lecture Topic: SQL attacks
[Slides](https://lms.unb.ca/d2l/le/content/231513/viewContent/2617915/View)
## Inferential attack:
An inferential attack, there is no transfer of data, but the attacker is able to reconstruct information by sending particular requests, and observing the behavior of the website or database
Examples include
- Illegal/logically incorrect queries: This lets the attacker gain information by observing the behavior of the backend system. Even error codes can often give the attacker information about vulnerable/injectable
- Blind SQL injection: This attacks allow the attacker to infer data present on the server, by noticing the differences in of the result of the injection. An example would be the difference between a request with injection being true or false, it could be a result code, an empty response, result strings.
## Out of band attack:
This is a type of attack where the attacker receives information through another method, like an email containing data. This can happen when the outbound connectivity of a system is lax.
# SQL injection countermeasures
There are three types of countermeasures, generally
## Defensive Coding
Here are a few defensive coding techniques:
- Manual defensive coding practices like type checking (only allow alphanumeric characters in username)
- Parameterized query inspection, by specifying the structure of a query, we can inspect the contents of input and not allow the parameters to affect the structure of the query itself
- SQL DOM is a way to do automatic data validation and escaping by providing a standard structure to database queries.
## Detection
Lecture Topic: SQL attacks
[Slides](https://lms.unb.ca/d2l/le/content/231513/viewContent/2617915/View)
## Inferential attack:
An inferential attack, there is no transfer of data, but the attacker is able to reconstruct information by sending particular requests, and observing the behavior of the website or database
Examples include
- Illegal/logically incorrect queries: This lets the attacker gain information by observing the behavior of the backend system. Even error codes can often give the attacker information about vulnerable/injectable
- Blind SQL injection: This attacks allow the attacker to infer data present on the server, by noticing the differences in of the result of the injection. An example would be the difference between a request with injection being true or false, it could be a result code, an empty response, result strings.
## Out of band attack:
This is a type of attack where the attacker receives information through another method, like an email containing data. This can happen when the outbound connectivity of a system is lax.
# SQL injection countermeasures
There are three types of countermeasures, generally
## Defensive Coding
Here are a few defensive coding techniques:
- Manual defensive coding practices like type checking (only allow alphanumeric characters in username)
- Parameterized query inspection, by specifying the structure of a query, we can inspect the contents of input and not allow the parameters to affect the structure of the query itself
- SQL DOM is a way to do automatic data validation and escaping by providing a standard structure to database queries.
## Detection