Course datasheet. Code: IFCPR140c. SQL Injection Attacks and Defense




Course: SQL Injection Attacks and Defense
Objectives: Protect our database and prevent attacks by building a sound defense. Show the steps and guidelines to follow to make our system more robust and better protected against attacks.
Intended for: All IT professionals who want to protect their systems against possible attacks.
Duration: 20 hours
Format: Classroom
Schedule:
Places: 15
Frequency: 30 days
Start:
Documentation: PDF format
Prerequisites:
Tutoring:
Accreditation:
Price:
To be provided: Certificate of accreditation
Revision 1. 2015 Page 1 of 8

Course Content:

Chapter 1 What Is SQL Injection?
  Understanding How Web Applications Work
    A Simple Application Architecture
    A More Complex Architecture
  Understanding SQL Injection
    High-Profile Examples
  Understanding How It Happens
    Dynamic String Building
      Incorrectly Handled Escape Characters
      Incorrectly Handled Types
      Incorrectly Handled Query Assembly
      Incorrectly Handled Errors
      Incorrectly Handled Multiple Submissions
    Insecure Database Configuration

Chapter 2 Testing for SQL Injection
  Finding SQL Injection
    Testing by Inference
    Identifying Data Entry
      GET Requests
      POST Requests
      Other Injectable Data
    Manipulating Parameters
    Information Workflow
    Database Errors
      Commonly Displayed SQL Errors
      Microsoft SQL Server Errors
      Errors
      Errors
    Application Response
      Generic Errors
      HTTP Code Errors
      Different Response Sizes
    Blind Injection Detection
  Confirming SQL Injection
    Differentiating Numbers and Strings
    Inline SQL Injection
      Injecting Strings Inline
      Injecting Numeric Values Inline
    Terminating SQL Injection
      Database Comment Syntax
      Using Comments
    Executing Multiple Statements
    Time Delays
  Automating SQL Injection Discovery
    Tools for Automatically Finding SQL Injection
      HP WebInspect
      IBM Rational AppScan
      HP Scrawlr
      SQLiX
      Paros Proxy

Chapter 3 Reviewing Code for SQL Injection
  Reviewing Source Code for SQL Injection
    Dangerous Coding Behaviors
    Dangerous Functions
    Following the Data
      Following Data in PHP
      Following Data in Java
      Following Data in C#
    Reviewing PL/SQL and T-SQL Code
  Automated Source Code Review
    Yet Another Source Code Analyzer (YASCA)
    Pixy
    AppCodeScan
    LAPSE
    Security Compass Web Application Analysis Tool (SWAAT)
    Microsoft Source Code Analyzer for SQL Injection
    Microsoft Code Analysis Tool .NET (CAT.NET)
    Commercial Source Code Review Tools
      Ounce
      Source Code Analysis
      CodeSecure

Chapter 4 Exploiting SQL Injection
  Understanding Common Exploit Techniques
    Using Stacked Queries
  Identifying the Database
    Non-Blind Fingerprint
    Banner Grabbing
    Blind Fingerprint
  Extracting Data through UNION Statements
    Matching Columns
    Matching Data Types
  Using Conditional Statements
    Approach 1: Time-based
    Approach 2: Error-based
    Approach 3: Content-based
    Working with Strings
    Extending the Attack
    Using Errors for SQL Injection
    Error Messages in
  Enumerating the Database Schema
    SQL Server
  Escalating Privileges
    SQL Server
    Privilege Escalation on Unpatched Servers
  Stealing the Password Hashes
    SQL Server
    Components
    APEX
    Internet Directory
  Out-of-Band Communication
    E-mail
      Microsoft SQL Server
    HTTP/DNS
    File System
      SQL Server
  Automating SQL Injection Exploitation
    Sqlmap
      Sqlmap Example
    Bobcat
    BSQL
    Other Tools

Chapter 5 Blind SQL Injection Exploitation
  Finding and Confirming Blind SQL Injection
    Forcing Generic Errors
    Injecting Queries with Side Effects
    Splitting and Balancing
    Common Blind SQL Injection Scenarios
    Blind SQL Injection Techniques
      Inference Techniques
      Increasing the Complexity of Inference Techniques
      Alternative Channel Techniques
  Using Time-Based Techniques
    Delaying Database Queries
      Delays
      Generic Binary Search Inference Exploits
      Generic Bit-by-Bit Inference Exploits
      SQL Server Delays
      Generic SQL Server Binary Search Inference Exploits
      Generic SQL Server Bit-by-Bit Inference Exploits
      Delays
    Time-Based Inference Considerations
  Using Response-Based Techniques
    Response Techniques
    SQL Server Response Techniques
    Response Techniques
    Returning More Than One Bit of Information
  Using Alternative Channels
    Database Connections
    DNS Exfiltration
    E-mail Exfiltration
    HTTP Exfiltration
  Automating Blind SQL Injection Exploitation
    Absinthe
    BSQL Hacker
    SQLBrute
    Sqlninja
    Squeeza

Chapter 6 Exploiting the Operating System
  Accessing the File System
    Reading Files
      Microsoft SQL Server
    Writing Files
      Microsoft SQL Server
  Executing Operating System Commands
    Direct Execution
      DBMS_SCHEDULER
      PL/SQL Native
    Other Possibilities
      Alter System Set Events
      PL/SQL Native 9i
      Buffer Overflows
      Custom Application Code
    Microsoft SQL Server
  Consolidating Access
  Endnotes

Chapter 7 Advanced Topics
  Evading Input Filters
    Using Case Variation
    Using SQL Comments
    Using URL Encoding
    Using Dynamic Query Execution
    Using Null Bytes
    Nesting Stripped Expressions
    Exploiting Truncation
    Bypassing Custom Filters
    Using Non-Standard Entry Points
  Exploiting Second-Order SQL Injection
    Finding Second-Order Vulnerabilities
  Using Hybrid Attacks
    Leveraging Captured Data
    Creating Cross-Site Scripting
    Running Operating System Commands on
    Exploiting Authenticated Vulnerabilities

Chapter 8 Code-Level Defenses
  Using Parameterized Statements
    Parameterized Statements in Java
    Parameterized Statements in .NET (C#)
    Parameterized Statements in PHP
    Parameterized Statements in PL/SQL
  Validating Input
    Whitelisting
    Blacklisting
    Validating Input in Java
    Validating Input in .NET
    Validating Input in PHP
  Encoding Output
    Encoding to the Database
      Encoding for dbms_assert
      Encoding for Microsoft SQL Server
      Encoding for
  Canonicalization
    Canonicalization Approaches
    Working with Unicode
  Designing to Avoid the Dangers of SQL Injection
    Using Stored Procedures
    Using Abstraction Layers
    Handling Sensitive Data
    Avoiding Obvious Object Names
    Setting Up Database Honeypots
    Additional Secure Development Resources

Chapter 9 Platform-Level Defenses
  Using Runtime Protection
    Web Application Firewalls
      Using ModSecurity
        Configurable Rule Set
        Request Coverage
        Request Normalization
        Response Analysis
        Intrusion Detection Capabilities
    Intercepting Filters
      Web Server Filters
      Application Filters
      Implementing the Filter Pattern in Scripted Languages
      Filtering Web Service Messages
    Non-Editable versus Editable Input Protection
    URL/Page-Level Strategies
      Page Overriding
      URL Rewriting
      Resource Proxying/Wrapping
    Aspect-Oriented Programming (AOP)
    Application Intrusion Detection Systems (IDSs)
    Database Firewall
  Securing the Database
    Locking Down the Application Data
      Use the Least-Privileged Database Login
      Revoke PUBLIC Permissions
      Use Stored Procedures
      Use Strong Cryptography to Protect Stored Sensitive Data
      Maintaining an Audit Trail
      Error Triggers
    Locking Down the Database Server
      Additional Lockdown of System Objects
      Restrict Ad Hoc Querying
      Strengthen Controls Surrounding Authentication
      Run in the Context of the Least-Privileged Operating System Account
      Ensure That the Database Server Software Is Patched
  Additional Deployment Considerations
    Minimize Unnecessary Information Leakage
      Suppress Error Messages
      Use an Empty Default Web Site
      Use Dummy Host Names for Reverse DNS Lookups
      Use Wildcard SSL Certificates
      Limit Discovery via Search Engine Hacking
      Disable Web Services Description Language (WSDL) Information
    Increase the Verbosity of Web Server Logs
    Deploy the Web and Database Servers on Separate Hosts
    Configure Network Access Control

Chapter 10 References
  Structured Query Language (SQL) Primer
    SQL Queries
      SELECT Statement
      UNION Operator
      INSERT Statement
      UPDATE Statement
      DELETE Statement
      DROP Statement
      CREATE TABLE Statement
      ALTER TABLE Statement
      GROUP BY Statement
      ORDER BY Clause
      Limiting the Result Set
  SQL Injection Quick Reference
    Identifying the Database Platform
      Identifying the Database Platform via Time Delay Inference
      Identifying the Database Platform via SQL Dialect Inference
      Combining Multiple Rows into a Single Row
    Microsoft SQL Server Cheat Sheet
      Enumerating Database Configuration Information and Schema
      Blind SQL Injection Functions: Microsoft SQL Server
      Microsoft SQL Server Privilege Escalation
        OPENROWSET Reauthentication Attack
      Attacking the Database Server: Microsoft SQL Server
        System Command Execution via xp_cmdshell
        xp_cmdshell Alternative
        Cracking Database Passwords
        Microsoft SQL Server 2005 Hashes
        File Read/Write
    Cheat Sheet
      Blind SQL Injection Functions:
      Attacking the Database Server:
        System Command Execution
        Cracking Database Passwords
        Attacking the Database Directly
        File Read/Write
    Cheat Sheet
      Blind SQL Injection Functions:
      Attacking the Database Server:
        Command Execution
        Reading Local Files
        Reading Local Files (PL/SQL Injection Only)
        Writing Local Files (PL/SQL Injection Only)
        Cracking Database Passwords
    Bypassing Input Validation Filters
      Quote Filters
      HTTP Encoding
    Troubleshooting SQL Injection Attacks
    SQL Injection on Other Platforms
      PostgreSQL Cheat Sheet
        Blind SQL Injection Functions: PostgreSQL
        Attacking the Database Server: PostgreSQL
          System Command Execution
          Local File Access
          Cracking Database Passwords
      DB2 Cheat Sheet
        Blind SQL Injection Functions: DB2
      Informix Cheat Sheet
        Blind SQL Injection Functions: Informix
      Ingres Cheat Sheet
        Blind SQL Injection Functions: Ingres
      Microsoft Access
  Resources
    SQL Injection White Papers
    SQL Injection Cheat Sheets
    SQL Injection Exploit Tools
    Password Cracking Tools