<div align="Center"> <p><b>Lesson Plan Title:</b> How to Create Database Back Door Attacks.</p> </div> <p><b>Concept / Topic To Teach:</b> </p> How to Create Database Back Door Attacks. <br> <div align="Left"> <p> <b>How the attacks works:</b> </p> Databases are used usually as a backend for web applications. Also it is used as a media of storage. It can also be used as a place to store a malicious activity such as a trigger. A trigger is called by the database management system upon the execution of another database operation like insert, select, update or delete. An attacker for example can create a trigger that would set his email address instead of every new user's email address. </div> <p><b>General Goal(s):</b> </p> <!-- Start Instructions --> * Your goal should be to learn how you can exploit a vulnerable query to create a trigger.<br> * You will not be able to actually create one in this lesson because the underlying database engine used with WebGoat doesn't support triggers.<br> * Your login ID is 101. <!-- Stop Instructions -->