Injection Vulnerabilities

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *

Already have an account? Sign In »

1 hour 27 minutes
Video Transcription
Hello. My name's I happily Welcome to the overview off Secure Code in.
Who asked this? Open Web applications security projects is actually a reputable project for Web application vulnerabilities. So I want to take it. You got it stopped in on Archer verts, then? I mean, I openly Alani injection. There are different types of injection. We could have escalated injection,
held up injection on us. Injection my menu outside.
So both for Bacchus. Ah nde develop us. SQL injection is actually common, so we're going to be picking Erica SQL injection The intro The causes scenario Impact prevention solution on someone's question now in SQL injection on trusted it ties actually sent to the back end quote
usually from the U Zion toughies.
These aren't offices. The front end which the user in court interrupt streets. Now, in this case, the user is actually meant to enter some impudence for the user name and password, but the kind this case doesn't use on him. He doesn't have a passport.
Yeah, probably tested the application, which is standing so to realize that it is actually vulnerable too.
SQL injection. So it is going to craft some white tent some impurities in sweets because he knows the interpreter. Eyes gullible. The capital does not divided. So validating what the guy enters it just simply con consummate. These are entrusted money shows. Data
with the query are simply as acute. See, now look at it. Type of I 10. The type of impurity has actually crafted.
hey, you have 123 apostrophe or wanted boss one Now the ones who three year is as them to be. These aren't even though he doesn't even know if there's anybody who has a username wants a tree. So that would definitely feel boy here where you have one in close one Wallace before want which is true now here we are. The ash
ash is a comment stout in SQL
So what they've up comes beyond the ash will not be interpreted by the interpreter. So in this case, the capitalists noticed about it without subject. If user name is 123 or one, it was on The ACA is not actually sure this 123 by social off one, Of course one. So in this case,
everything in the database will be returned. If one equals one
now except if there's no R avenue for everything in the database to be displayed on the screen, it doesn't have any for everything to be displayed on the screen. I want itwas on. Everything will be displayed else. If there's only on a venue for one room or they thought to be displayed is just one.
They will be displayed in Mackey's. Now it could be one. It wants one. It could be three watts. True. So this is a very crafty impute. We're going to take a look at out is actually performed
real life on a backboard on Zampa will show, you know. So here
I'm on a professional called We club so you can sign up if your first time I bob and I come back, I use Yes, I have it.
They want to agree. So what's on signing? This is the part where you can actually perform the McCain miracles. So you gotta see this. Our top 10. So we actually have where, Then start with SQL injection. So where then start with unauthorized Logan. So I'm going to craft the same kind of thing I can do. Mimi,
then acquitted. Then I'll see all
two walls to actually don't know if there's a username called me, but I know two warders because it through anywhere in the world that are going to put on ash here to, um,
so neutralized everyone. I had them in the query that says they so once I stopped me. Actually, if your child gets up these, you find out that there's no user name called me. So let's take a look at it. It's obvious
this is the user design user names you can see we are. He wants 34 We don't have any of them. That is maybe, but it was to be able to lock it in because I'm going to the city. Our interpreter with this two equals two. So let's submits.
Once we submitted, Cassie has opened up the wallet. Be the weapon is actually a sensitive big way or your wallets. Credit details Our farm like agency. Yeah, is your personal well that beat you can access the next time to see or well educated? Wow. So that's simply to tell you that
it is a very sensitive is our national Sony's logo.
What's right? Don't show you one adjectives on exposed but I've been able to look in with my account with that crafty impute. Now, now let's city busy came for
you can see this is it for you. Find out that a four is lasts at them. Here
is the last one on this room. So that's simply to tell you that if I add the other new off this plane, everything on this train, everything would have been displayed. But because the club is just going to display only one set off detail and that's why it's a pick, the last one
in Darkest. So you guys see, I can see the person's age. All these are personal, identifiable information. Now let's look at the wall and sinful.
Wow, this is the credit card is the pain, and there's the balance. Is Adrian Bar car registration to two. So I can just till this information on dhe begin to use it where I want Now this is for it, for you can see now what's to logging.
I'm going to choose, which wants to actually make do it like I don't see jagga. Then our provides up and do or and I don't do for the four equals 44 in this case. Now I'm going to put on ash here,
but before I put the ash, I want to be able to specify those details I want to say. So I'm going to do we need one? I can do off. Say it's one so it simply means out offset one.
Hey means I want so Lim Wan, I need just one set of data. So in this case, after I want is the 2nd 1 So if you saw me, this is going to review this Akane passing
in the table.
You got seduced it, Sue
they got his wallet is in full, so I can still do the same.
I can't do the same to Yeah, I see puku
then provide up. Then I can do to equals true. Then doodly meets one, then do offsets
true in Darkest. Then I need to put on ash in this case. So separate it from the cash then submitted or you're saying try again, *** it! Something is drunk somewhere. Okay, maybe limits one. So miss it
or something is wrong in this case too. So here. Oh, there's our old idea fixing day. So it's going to be true or soup because to somebody that, yeah, it goes in ST So it's going to because pick for the top person So you can see that purposes. So that is simply our SQL injection actually walks.
Now you have seen out this works such as prevalent in sq is preventing the British system on held out system.
SQL injections constitute about 51% of cyber attacks on Web applications in the second quarter of 2007. So you guys see deciding time so post are imputed to use. This is a commenced artisan comenta These are communist also always find a way to remove them. Sanitize them from your impute stood up
your interpreter I would not for pre also
so another course is gullible interpreter Most of our interpreters are going just upset Whatever I sent to them from the front end on, they begin to interpret. So what? Impact off some of these things like we have seen you did die a special. I've been able to see
people's details from their denial of access. I can't log in then change the password on the on the actual you know? No babe, it's working again. I'm denying him off the acid
there can be completely covered. It can be data corruption like I even objects is an SQL injection. I can't believe. What about that, Carlos? I can't delete on Do any order Athenian darkies. Now
what? How do you know Prevent SQL injection? The best bet is to use a safety piak now totally avoid use off interpreter. So because we know most of those interpreters are going
so uses if FBI now avoided, then allow one is used during layout. Sanitization off in pubes
like if your beauty Oh, your application in an M v c model Emmett's mother v for view and see for controller you got sanitized it anymore. They're level. You got to sanitize it at the control I live. Then you can do black police the white least they can do Ask your limits so that
everything will not be destroyed or lots once they're black, please, for I think they are not going to be
using, like all those comments star so that wants our educational system to simply neglects them. So let's take a look at our attempted to prevent SQL injection simply by sanitization Now I'll take you through the court in Jack. Sean Jarvis. So this is more or less like my controller
where I have ingestion.
Um, the G is. I think I have a method called sanitizing Cassie to sanitize things like this upper stuff. It is like business like that on it's removed them from the impudence that user are brings in. So I'm going to, um,
go back to being a ghost is our entire. So I'm just going to call the function at this point. So here we are. Sanitize, then here I'm going to put out there. So we have a son goodbyes,
which is the name of the function. I showed your area. So does it. So I'm great toe. Say that.
Yes, I saved out. I'll go back to my court
Arthur. Rerun it. So which I've just don't or are. Simply
do this. Now I'll go back to that s cure on. Enter the same thing and let's see if it will go. So I'll be on my way to end our really
all so equals so close to. Then I'll put on ashen napkins. So let's save it to go.
Oh, it's actually goes true, and that's simply because the application has not being fully deployed. But once we deployed correctly, I can assure you that that's will not walk. So maybe I should blogging again yet.
So here I have
a read, then here, Have, um 123 So I'm going to submit that. So let's come out to this unauthorized Claudine, then have, um,
e like essay. Oui, oui. Again.
Really? Then I put this than I do on all and one because one and puts on Ashton submits it.
Well, it still goes true. So I guess something is wrong with it. So I can assure you that at this point, I think I need to redeploy the old application. Olive, I again. But I can assure you that at this point wants you include this sanitised. It's real. Sanitize it. I mean it. I showed that those strength characters on actually
used in that case.
So that is also prevent Ask your there could be other ways or preventing its docket. So this time I didn't find the wrong statements. And this is it's a B, C or D.
Here we have SQL injection is a common solution to most vulnerabilities apart because of their own statement is not a solution in this case. So I don't want his SQL injection is on our back, in which dash code is a Saturday into strength a little pastor and his pants off the scale. Summer
one is my initials. We don't doubt clean non magicians inside my initials.
Also off taking with the introduction of SQL on ejection in which carefully crafted could ascend to the backhand to exploit the weakness of the interpreter. Then, um,
where the one off the coast this is on sanitized, impure. Then I showed your scenarios. I showed you the impact of that on outside, prevented by simply sanitizing your impure. So I guess the injection is a peek. A boo is only applicable to Web. Application is also applicable to desktop applications.
So I've been led on seeing the injection in action. Our advancing auto for fixing off sort of been injected
Up Next