SQL INJECTION A SEMINAR REPORT


Presented by:
Nikita Dhurve
Bvcoew, Pune.

SQL INJECTION

SYNOPSIS:-
This paper contains information about extremely popular database attacks. Most of today's web applications require dynamic content and input from users, which are then maintained in a database. This is achieved by using languages such as SQL, the most common being MySQL.

A SQL injection attack consists of the insertion or "injection" of a SQL query via the input data from the client to the application. A successful SQL injection exploit can read sensitive data from the database, modify database data (Insert/Update/Delete), execute administration operations on the database, and recover the content of a given file present on the DBMS file system.

The attacker can gain unauthorized access to restricted data such as usernames, passwords, email addresses, etc., which the web applications retrieve to perform some specific tasks. The attack targets the web application (like ASP, JSP, PHP, CGI, etc.) itself rather than the web server or services running in the OS.

CATEGORIES OF SQL INJECTION ATTACKS
There are four main categories of SQL injection attacks against Oracle databases:
1. SQL Manipulation
2. Code Injection
3. Function Call Injection
4. Buffer Overflows

AVOIDING SQL INJECTION VULNERABILITIES
The various techniques used to prevent SQL injections are:
1. Parameterized query
2. Stored procedure
3. Regular expression to discard input string
4. Quoteblock function
5. Do not show detailed error messages to the user.
6. Use a less privileged database user/role for your application.

AUTOMATED SQL INJECTION TOOLS
1. Wpoison is a tool that will find any potential SQL injection vulnerabilities in dynamic web documents.
2. mieliekoek.pl is an SQL injection insertion crawler that will test all forms on a website for possible SQL injection problems.
3. SQLbf is a SQL Server Password Auditing tool. This tool should be used to audit the strength of Microsoft SQL Server passwords offline.

Conclusion:-
The purpose of this article is to raise awareness among people involved in database maintenance, such as DBAs, site owners and computer science students working on database projects, and among the general public who are launching their sites on the internet. Through this article one can learn which breaches can be secured, either through code or through protective security such as firewalls.
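
Three of the avoidance techniques listed in the report (parameterized query, regular-expression input check, no detailed error messages) are shown below next to the string-concatenation form they replace. This is an added example, not part of the original post; the table, function names and sample rows are constructed, and SQLite stands in for the database back end.

```python
import logging
import re
import sqlite3

log = logging.getLogger("lookup")

def make_db():
    """Constructed sample data in an in-memory SQLite database."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT, email TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?)", [
        ("alice", "alice@example.test"),
        ("O'Brien", "obrien@example.test"),  # legitimate name containing a quote
    ])
    return db

# Allow-list for names: letters first, then letters, apostrophe, space, hyphen.
NAME_RE = re.compile(r"[A-Za-z][A-Za-z' -]{0,63}")

def lookup_concatenated(db, name):
    """Weak form: input becomes part of the SQL text, DB error goes to the user."""
    sql = "SELECT email FROM users WHERE name = '" + name + "'"
    try:
        row = db.execute(sql).fetchone()
    except sqlite3.Error as exc:
        # Detailed message exposes the query structure to whoever sent the input.
        return "DB error: %s in [%s]" % (exc, sql)
    return row[0] if row else None

def lookup_parameterized(db, name):
    """Hardened form: validate, bind the value, keep error detail server-side."""
    if not NAME_RE.fullmatch(name):
        return None  # discard input that fails the regular-expression check
    try:
        # The ? placeholder sends the value as data; it is never parsed as SQL.
        row = db.execute("SELECT email FROM users WHERE name = ?",
                         (name,)).fetchone()
    except sqlite3.Error:
        log.exception("user lookup failed")  # full detail stays in the server log
        return "lookup failed"               # generic message for the user
    return row[0] if row else None

if __name__ == "__main__":
    db = make_db()
    for fn in (lookup_concatenated, lookup_parameterized):
        print(fn.__name__, "->", fn(db, "O'Brien"))
```

A single quote in ordinary input is enough to change the structure of the concatenated statement, while the bound parameter returns the matching row unchanged.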
Messages In This Thread
RE: SQL INJECTION A SEMINAR REPORT - by project topics - 24-04-2010, 08:16 PM