AADYA -National Journal of Management and Technology

Open Access Open Access  Restricted Access Subscription Access

A Technique for Exploiting Database Vulnerabilities of Web Application Using Detection Tools


Affiliations
1 MCA Department, Y.M.T College of Management, Kharghar, India
 

SQL injection attack is a form of attack that takes advantage of applications that generate SQL queries using user-supplied data without first checking or pre-processing it to verify that it is valid. The objective is to deceive the database system into running malicious code that will reveal sensitive information or otherwise compromise the server. By modifying the expected Web application parameters, an attacker can submit SQL queries and pass commands directly to the database. Although deployment of defensive coding or OS hardening energies security but they are not enough to stop SQLIAs. So this paper focuses on some tools and methodologies which can detect or prevent these attacks.

Keywords

SQL Injection Attacks, Prevention, Web Application Parameters, OS Hardening.
User
Notifications
Font Size

  • Atefeh Tajpour , Suhaimi Ibrahim, Mohammad Sharifi IJCSI International Journal of Computer Science www.IJCSI.org

  • Prasant Singh Yadav, 2 Dr pankajYadav, 3Dr. K.P.Yadav “A Modern Mechanism to Avoid SQL Injection Attacks in Web Applications”.

  • Cyber Security by Nina Godbole

  • SQL Injection analysis, Detection and Prevention by Jagdish Halde, San Jose State University


Abstract Views: 486

PDF Views: 228




  • A Technique for Exploiting Database Vulnerabilities of Web Application Using Detection Tools

Abstract Views: 486  |  PDF Views: 228

Authors

Kirti Kakde
MCA Department, Y.M.T College of Management, Kharghar, India

Abstract


SQL injection attack is a form of attack that takes advantage of applications that generate SQL queries using user-supplied data without first checking or pre-processing it to verify that it is valid. The objective is to deceive the database system into running malicious code that will reveal sensitive information or otherwise compromise the server. By modifying the expected Web application parameters, an attacker can submit SQL queries and pass commands directly to the database. Although deployment of defensive coding or OS hardening energies security but they are not enough to stop SQLIAs. So this paper focuses on some tools and methodologies which can detect or prevent these attacks.

Keywords


SQL Injection Attacks, Prevention, Web Application Parameters, OS Hardening.

References