Lesson Plan Title: How to Perform a SQLInjection
Concept / Topic To Teach:
SQL injection attacks represent a serious threat to any database-driven
site. The methods behind an attack are easy to learn and the damage
caused can range from considerable to complete system compromise.
Despite these risks, an incredible number of systems on the internet are
susceptible to this form of attack.
Not only is it a threat easily instigated, it is also a threat that, with a little common-sense and forethought, can easily be prevented.
It is always good practice to sanitize all input data, especially data that will used in OS command, scripts, and database queiries, even if the threat of SQL injection has been prevented in some other manner.
General Goal(s):
For this exercise, you will perform SQLInjection attacks. You will also
implement code changes in the web application to defeat these attacks.
String query = "SELECT employee.* "
+ "FROM employee,ownership WHERE employee.userid = ownership.employee_id and "
+ "ownership.employer_id = ? and ownership.employee_id = ?";
try
{
Connection connection = WebSession.getConnections(s);
PreparedStatement statement = connection.prepareStatement(query, ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_READ_ONLY);
statement.setString(1, userId);
statement.setString(2, subjectUserId);
ResultSet answer_results = statement.executeQuery();
etc...