Added (introduction) extra to the sidebar menu on the left.
Slightly modified SQL Injections explanation/example.
committed by Nanne Baars
parent adc8891160
commit 0529289f6d
			| @ -2,7 +2,7 @@ | |||||||
| StringSqlInjectionSecondStage=Now that you have successfully performed an SQL injection, try the same type of attack on a parameterized query.  Restart the lesson if you wish to return to the injectable query. | StringSqlInjectionSecondStage=Now that you have successfully performed an SQL injection, try the same type of attack on a parameterized query.  Restart the lesson if you wish to return to the injectable query. | ||||||
| EnterLastName=Enter your last name: | EnterLastName=Enter your last name: | ||||||
|  |  | ||||||
| sql.injection.title=SQL Injection | sql.injection.title=SQL Injection (introduction) | ||||||
| sql.mitigation.title=SQL Injection (mitigation) | sql.mitigation.title=SQL Injection (mitigation) | ||||||
| sql.advanced.title=SQL Injection (advanced) | sql.advanced.title=SQL Injection (advanced) | ||||||
|  |  | ||||||
|  | |||||||
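Review bot: the retitled key now matches the pattern of its siblings (`sql.injection.title=SQL Injection (introduction)` next to `(mitigation)` and `(advanced)`), which is the right call for the sidebar; if the project keeps per-language copies of this properties file, the same key needs the same change there or those locales will keep showing the old title. Unrelated to the rename but visible in the unchanged context, `StringSqlInjectionSecondStage=` still carries a double space before "Restart the lesson", worth tidying while the file is open.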
| @ -1,5 +1,4 @@ | |||||||
| {nbsp} + | {nbsp} + | ||||||
| {nbsp} + |  | ||||||
|  |  | ||||||
| ==== Here are some examples of what a hacker could supply to the input field to perform actions on the database that go further than just reading the data of a single user: | ==== Here are some examples of what a hacker could supply to the input field to perform actions on the database that go further than just reading the data of a single user: | ||||||
|  |  | ||||||
|  | |||||||
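Review bot: removing the duplicate `{nbsp} +` spacer is fine, but the line that remains uses a level-4 heading (`==== Here are some examples of what a hacker could supply ...`) for what is a full sentence ending in a colon. It would read more naturally as a plain paragraph introducing the list that follows, keeping the `====` level for actual section titles.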
| @ -3,8 +3,9 @@ | |||||||
| SQL Injections are the most common web hacking techniques. *A SQL injection attack consists of insertion or "injection" of malicious code via the SQL query input from the client to the application.* If not dealt with correctly, such an injection of code into the application can have an serious impact on e.g. data integrity and security. | SQL Injections are the most common web hacking techniques. *A SQL injection attack consists of insertion or "injection" of malicious code via the SQL query input from the client to the application.* If not dealt with correctly, such an injection of code into the application can have an serious impact on e.g. data integrity and security. | ||||||
|  |  | ||||||
| SQL Injections can occur, when unfiltered data from the client, e.g. the input of a search field, gets into the SQL-Interpreter of the application itself. If the input from the client does not get checked for containing SQL Commands, hackers can easily manipulate the underlying SQL-Statement to their advantages. + | SQL Injections can occur, when unfiltered data from the client, e.g. the input of a search field, gets into the SQL-Interpreter of the application itself. If the input from the client does not get checked for containing SQL Commands, hackers can easily manipulate the underlying SQL-Statement to their advantages. + | ||||||
| Per example if the input is not filtered for SQL metacharacters like *--* (comments out the rest of the line) or *;* (ends a SQL-query and that way can be used to chain them) | Per example if the input is not filtered for SQL metacharacters like *--* (comments out the rest of the line) or *;* (ends a SQL-query and that way can be used to chain them). | ||||||
|  |  | ||||||
|  | {nbsp} + | ||||||
|  |  | ||||||
| == Example of SQL Injection | == Example of SQL Injection | ||||||
|  |  | ||||||
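Review bot: the full stop added to the `Per example if the input is not filtered ...` line still leaves that sentence without a main clause; it names the metacharacters `--` and `;` and then stops, never saying what the attacker gains. Suggest completing it along the lines of "For example, if the input is not filtered for SQL metacharacters such as `--` (comments out the rest of the line) or `;` (terminates a statement and can be used to chain another one), an attacker can change the structure of the query rather than just its value." While this paragraph is being touched: "Per example" should be "For example", "an serious impact" should be "a serious impact", and "SQL Injections are the most common web hacking techniques" overstates it; "among the most common" is the defensible wording.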
| @ -18,14 +19,13 @@ The SQL-query to retrieve the user information from the database looks like that | |||||||
| ------------------------------------------------------- | ------------------------------------------------------- | ||||||
|  |  | ||||||
| The variable *userName* holds the input from the client and “injects” it into the query. + | The variable *userName* holds the input from the client and “injects” it into the query. + | ||||||
| If the Input would be Smith the query then looks like that + | If the input would be Smith the query then looks like that + | ||||||
| ------------------------------------------------------- | ------------------------------------------------------- | ||||||
| "SELECT * FROM users WHERE name = 'Smith'"; | "SELECT * FROM users WHERE name = 'Smith'"; | ||||||
| ------------------------------------------------------- | ------------------------------------------------------- | ||||||
| and would retrieve all data for the user with the name Smith. | and would retrieve all data for the user with the name Smith. | ||||||
|  |  | ||||||
|  | {nbsp} + | ||||||
| But if an attacker supplies an unexpected input which could be part of a SQL-query, the query itself can be modified and that way be used to perform other (malicious) actions on the database. | But if an attacker supplies an unexpected input which could be part of a SQL-query, the query itself can be modified and that way be used to perform other (malicious) actions on the database. | ||||||
| {nbsp} + |  | ||||||
| {nbsp} + |  | ||||||
|  |  | ||||||
| Here is an input field. Try typing some SQL in here to better understand how the query changes. | Here is an input field. Try typing some SQL in here to better understand how the query changes. | ||||||
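Review bot: the `Input` to `input` fix is good, but the sentence around it is still ungrammatical: "If the input would be Smith the query then looks like that" should read "If the input were Smith, the query would look like this". The listing shows the query as `"SELECT * FROM users WHERE name = 'Smith'";`, a code-style string literal with the semicolon outside the double quotes; since the point of the example is the resulting SQL, showing the bare statement `SELECT * FROM users WHERE name = 'Smith'` avoids mixing the string delimiters with the SQL quote characters, which matters in a lesson whose whole subject is quote handling. The paragraph would also land better if it pointed to the remedy the lesson later tests against (the parameterized query mentioned in the properties file), so the reader sees the mitigation next to the vulnerable string concatenation instead of only the attack.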