SQL Injection

by Nicholas T
The article I read was about the 25 most dangerous software errors. The article itself was very short but linked to an outside website, the Common Weakness Enumeration (CWE). This website created the top 25 most dangerous software errors list and showed how to mitigate these errors and the attacks that could ensue. The number one error on their list is titled 'Improper Neutralization of Special Elements Used in an SQL Command.' This error, or the attack that exploits it, is more commonly referred to as 'SQL Injection.' The website goes into great detail about how to avoid and prevent this type of attack, what could potentially happen if the attack occurred, and even examples of how the attack would be carried out.

SQL injection is when an outside user places an SQL statement into a field that would normally take user information. An example of this is an e-mail service. When creating an e-mail account, a user is required to enter certain information such as user name, first name, last name and so forth. If the application pastes one of these input fields directly into its SQL text, an SQL fragment placed in that field becomes part of the command, and if done properly, information could be retrieved from the database. A simple example of a query built this way, where <userName> and <itemName> stand for the values taken from the form, is:

SELECT * FROM example WHERE owner = <userName> AND itemname = <itemName>;

This simple query could potentially get the usernames of every person in a specific table. Not only is someone able to get information from your database, but they can also change data as well. Other simple examples that could do serious harm are:

UPDATE members
SET email = 'stolen@example.net'
WHERE email = 'example@example.com';

DROP TABLE example;

The website is incredibly detailed in how you can attempt to prevent an SQL injection attack. One of the simplest ways to do so is to limit the characters allowed in a text field. Rejecting characters such as quotation marks and other special symbols prevents SQL fragments from being placed and submitted in a text field. Another way to mitigate attacks is privilege control. By this the website means only giving users the access that is necessary for their function in the database. SQL injection seems to be a very easy way to gain information from a database, but there are also several very simple and effective ways to protect your data from it.
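To make the query-building problem from the paragraphs above concrete, here is an added example (my own code, not from the article or the CWE page) that runs the article's "owner / itemname" lookup two ways against a constructed in-memory SQLite table: once by pasting the form values into the SQL text, and once with bound parameters, the neutralization step that CWE recommends. The table contents and column types are assumptions for the demo.

```python
import sqlite3

# Constructed sample data (not from the original post): an "example" table
# shaped after the query quoted in the article.
ROWS = [
    ("alice", "notebook"),
    ("alice", "pen"),
    ("bob", "laptop"),
    ("carol", "phone"),
]

def make_db():
    """Build an in-memory database holding the sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE example (owner TEXT, itemname TEXT)")
    conn.executemany("INSERT INTO example VALUES (?, ?)", ROWS)
    return conn

def lookup_vulnerable(conn, user_name, item_name):
    """Pastes form values straight into the SQL text (the CWE-89 pattern):
    a quote typed by the user becomes SQL grammar instead of staying data."""
    sql = ("SELECT owner, itemname FROM example WHERE owner = '"
           + user_name + "' AND itemname = '" + item_name + "'")
    return conn.execute(sql).fetchall()

def lookup_parameterized(conn, user_name, item_name):
    """Same query with bound parameters: the input is always a value,
    never part of the command, so no character filtering is needed."""
    sql = "SELECT owner, itemname FROM example WHERE owner = ? AND itemname = ?"
    return conn.execute(sql, (user_name, item_name)).fetchall()

def compare(user_name, item_name):
    """Return (vulnerable_rows, parameterized_rows) for the same input."""
    conn = make_db()
    try:
        return (lookup_vulnerable(conn, user_name, item_name),
                lookup_parameterized(conn, user_name, item_name))
    finally:
        conn.close()

if __name__ == "__main__":
    # Honest input: both versions return the single matching row.
    print(compare("alice", "pen"))
    # Input containing a quote: the concatenated query's WHERE clause is
    # rewritten to match every row, while the bound version matches none.
    print(compare("alice", "x' OR '1'='1"))
```

Running it shows the concatenated version returning all four rows for the second input and the parameterized version returning none, which is why the CWE page treats parameterized queries as the primary fix and character limits only as defence in depth.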


'The Top 25 Most Dangerous Software Errors.' Wired Magazine. May 14, 2012. http://www.wired.com/beyond_the_beyond/2011/06/the-top-25-most-dangerous-software-errors/

Linked to: http://cwe.mitre.org/top25/#Listing