Subscribe by Email


Friday, April 20, 2012

What are different aspects of DBMS specific SQL injection attack?


DBMS specific SQL injection attack is one of the different types of the SQL injection. Some of the SQL injection attacks that are carried out today on web sites are based up on the DBMS specific SQL injection. 

About DBMS specific SQL


- DBMS specific SQL is employed for sending the certain specified statements to the engine of the data base for its execution. 

- Unless the connection is not specified, the default cursors for the default connections are used by the prolific. 

- For the DBMS specific SQL, the statements can fed to the data base engine in any format that it supports. 

- Such a privilege grants you the access to all the features of the data base.

- SQL injection attacks are quite well known vectors for the data base management systems because they fail to cleanse or sanitize the input supplied by the users. 

- Like in the web based applications, the passing SQL commands (these commands are the parameters of some stored procedure and functions) are exploited by the SQL injection attacks. 

- These malicious commands are then executed in the context of the component through which the required function is called. 

- This whole process is carried out via the system components as well as the administrator’s privileges.

- This process results in what is called the privilege escalation. 

Example to illustrate Privilege Escalation



- Suppose some component provides the backup functionality and is run at higher privilege.

- A function injected with the malicious SQL statements is called. 

- This allows the user become a DBA by escalating their privileges which then helps them to overtake the data base. 

- By keeping the data base patches up to date, many of the SQL injection attacks can be effectively avoided. 

- Though the classic SQL injection attack had become outdated and the inference SQL injection still continues to prevail as great security threat, the DBMS specific SQL injection attack is still considered to be supportive regardless of how the classic SQLIA, inference SQL and other types of SQLIAs are utilized. 

- The permissions to log in the data base that belongs to some web application can be limited to only what is required. 

- This may prove to be effective in reducing the affect of the SQL injection attack that may further exploit any bugs and errors present in the web application or site.

- Like bugs and errors the severity of the SQL injection attacks also ranges among low, medium and high levels.

- Following a successful SQL injection attack, the attackers can very easily execute the arbitrary SQL commands.

- Such vulnerability can be exploited by the remote authenticated users for injecting the malicious SQL statements and commands. 

-  A successful SQL injection can steal the sensitive data from the data base or modify it as he/ she desires.

- The attacker can even carry out the administrative operations on the data base like issuing a command to shut down the whole data base, recover a deleted file etc.

Approaches to avoid malicious SQL injection in database


Any of the two below mentioned approaches can be followed for avoiding the malicious SQL injections in to the data base:

1.  Parameterized queries: 
      - This approach involves the use of bounded queries. 
    - Out of the two, this is easier to follow and work in an almost similar way in many languages including java, .NET, PHP, Perl etc. 
      - In the parameterized queries the data and the query is kept separate from each other by bounds.

2.  Parameterized stored procedures: 
     - Though being a little difficult to implement, it proves to be more effective than the previous one in avoiding many types of SQL injection attacks.

Avoiding the use of dynamic table names and even if you are, don’t accept the names from the users since on using these measures it is very unlikely that your application will fall victim to the SQL injection attack. 


No comments:

Facebook activity