You are previewing SQL Injection Attacks and Defense, 2nd Edition.
O'Reilly logo
SQL Injection Attacks and Defense, 2nd Edition

Book Description

SQL Injection Attacks and Defense, First Edition: Winner of the Best Book Bejtlich Read Award

"SQL injection is probably the number one problem for any server-side application, and this book unequaled in its coverage." –Richard Bejtlich, Tao Security blog

SQL injection represents one of the most dangerous and well-known, yet misunderstood, security vulnerabilities on the Internet, largely because there is no central repository of information available for penetration testers, IT security consultants and practitioners, and web/software developers to turn to for help.

SQL Injection Attacks and Defense, Second Edition is the only book devoted exclusively to this long-established but recently growing threat. This is the definitive resource for understanding, finding, exploiting, and defending against this increasingly popular and particularly destructive type of Internet-based attack.

SQL Injection Attacks and Defense, Second Edition includes all the currently known information about these attacks and significant insight from its team of SQL injection experts, who tell you about:

  • Understanding SQL Injection – Understand what it is and how it works
  • Find, confirm and automate SQL injection discovery
  • Tips and tricks for finding SQL injection within code
  • Create exploits for using SQL injection
  • Design apps to avoid the dangers these attacks
  • SQL injection on different databases
  • SQL injection on different technologies
  • SQL injection testing techniques
  • Case Studies

  • Securing SQL Server, Second Edition is the only book to provide a complete understanding of SQL injection, from the basics of vulnerability to discovery, exploitation, prevention, and mitigation measures.
  • Covers unique, publicly unavailable information, by technical experts in such areas as Oracle, Microsoft SQL Server, and MySQL---including new developments for Microsoft SQL Server 2012 (Denali).
  • Written by an established expert, author, and speaker in the field, with contributions from a team of equally renowned creators of SQL injection tools, applications, and educational materials.

Table of Contents

  1. Cover image
  2. Title page
  3. Table of Contents
  4. Copyright
  5. Acknowledgements
  6. Dedication
  7. Contributing Authors
  8. Lead Author and Technical
  9. Introduction to the 2nd Edition
  10. Chapter 1. What Is SQL Injection?
    1. Introduction
    2. Understanding How Web Applications Work
    3. Understanding SQL Injection
    4. Understanding How It Happens
    5. Summary
    6. Solutions Fast Track
  11. Chapter 2. Testing for SQL Injection
    1. Introduction
    2. Finding SQL Injection
    3. Confirming SQL Injection
    4. Automating SQL Injection Discovery
    5. Summary
    6. Solutions Fast Track
  12. Chapter 3. Reviewing Code for SQL Injection
    1. Introduction
    2. Reviewing source code for SQL injection
    3. Automated source code review
    4. Summary
    5. Solutions fast track
  13. Chapter 4. Exploiting SQL injection
    1. Introduction
    2. Understanding common exploit techniques
    3. Identifying the database
    4. Extracting data through UNION statements
    5. Using conditional statements
    6. Enumerating the database schema
    7. Injecting into “INSERT” queries
    8. Escalating privileges
    9. Stealing the password hashes
    10. Out-of-band communication
    11. SQL injection on mobile devices
    12. Automating SQL injection exploitation
    13. Summary
    14. Solutions Fast Track
  14. Chapter 5. Blind SQL Injection Exploitation
    1. Introduction
    2. Finding and confirming blind SQL injection
    3. Using time-based techniques
    4. Using Response-Based Techniques
    5. Using Alternative Channels
    6. Automating blind SQL injection exploitation
    7. Summary
    8. Solutions fast track
  15. Chapter 6. Exploiting the operating system
    1. Introduction
    2. Accessing the file system
    3. Executing operating system commands
    4. Consolidating access
    5. Summary
    6. Solutions fast track
    7. References
  16. Chapter 7. Advanced topics
    1. Introduction
    2. Evading input filters
    3. Exploiting second-order SQL injection
    4. Exploiting client-side SQL injection
    5. Using hybrid attacks
    6. Summary
    7. Solutions fast track
  17. Chapter 8. Code-level defenses
    1. Introduction
    2. Domain Driven Security
    3. Using parameterized statements
    4. Validating input
    5. Encoding output
    6. Canonicalization
    7. Design Techniques to Avoid the Dangers of SQL Injection
    8. Summary
    9. Solutions fast track
  18. Chapter 9. Platform level defenses
    1. Introduction
    2. Using runtime protection
    3. Securing the database
    4. Additional deployment considerations
    5. Summary
    6. Solutions fast track
  19. Chapter 10. Confirming and Recovering from SQL Injection Attacks
    1. Introduction
    2. Investigating a suspected SQL injection attack
    3. So, you’re a victim—now what?
    4. Summary
    5. Solutions fast track
  20. Chapter 11. References
    1. Introduction
    2. Structured query language (SQL) primer
    3. SQL injection quick reference
    4. Bypassing input validation filters
    5. Troubleshooting SQL injection attacks
    6. SQL injection on other platforms
    7. Resources
    8. Solutions fast track
  21. Index