Winter ICT Educator Conference Jan 34 2013 Bio How Important is SQL Injection SQL injection continues to reign as hackers most consistently productive technique for stealing massive dumps of sensitive information within corporate databases ID: 628052
Download Presentation The PPT/PDF document "Hands-on SQL Injection Attack and Defens..." is the property of its rightful owner. Permission is granted to download and print the materials on this web site for personal, non-commercial use only, and to display it on your personal computer provided you do not modify the materials and that you retain all copyright notices contained in the materials. By downloading content from our website, you accept the terms of this agreement.
Slide1
Hands-on SQL Injection Attack and Defense
Winter ICT Educator ConferenceJan. 3-4, 2013Slide2
BioSlide3
How Important is SQL Injection?Slide4
SQL injection continues to reign
as hackers' most consistently productive technique for stealing massive dumps of sensitive information within corporate databases.In fact, according to analysis done by database security firm Imperva of breach events between 2005 and July of this year, 82 percent of lost data due to hacking was courtesy of SQL injection
.
http://
www.darkreading.com
/database-security/167901020/security/news/240006491/
hacktivists
-continue-to-own-systems-through-
sql
-injection.htmlSlide5
http://
news.techworld.com/security/3331283/barclays-97-percent-of-data-breaches-still-due-to-sql-injection/Slide6
In 2008 SQL Injection became the leading method of malware
distribution16 percent of websites are vulnerable to SQL Injectionhttp://jeremiahgrossman.blogspot.com/2009/02/sql-injection-eye-of-
storm.htmlSlide7Slide8
Are You Vulnerable?Slide9
Example SQL Injection VulnerabilitySlide10Slide11Slide12Slide13
The Commands Used to Steal the DataSlide14
Data BreachSlide15Slide16
Hands-On SQL Injection Project
http://samsclass.info/124/proj11/SQLi-MPICT.htmSlide17
Series of Projects