sql injection Flashcards
(15 cards)
What is SQL injection (SQLi)?
SQLi is a vulnerability where untrusted data is sent to an interpreter as part of a query. Malicious input can trick the system into executing unintended commands or accessing unauthorized data.
Why is database structure vulnerable during ransomware attacks?
Databases have complex internal structures. Even if encrypted data is returned after ransom payment, any error can destroy the database’s structure.
How does basic SQL injection work?
Unvalidated input like ‘ OR ‘1’=’1 added to queries can alter logic, allowing unauthorized data access or manipulation.
What is the ‘Bobby Tables’ example?
An input like ‘Robert’); DROP TABLE Students;– exploits SQLi to delete entire tables. It’s a classic case demonstrating the dangers of unsanitized input.
Why is input sanitization alone not enough?
Client-side validation can be bypassed. Server-side validation close to data entry is required, along with principle of least privilege for apps.
What are second-order SQL injection attacks?
Malicious input is stored and later executed during a different query, making it harder to detect. Attackers may inject code during registration, triggering it on later login.
What are examples of SQLi in practice?
WordPress, security tools (e.g., Fortinet), and even government software have had exploitable SQLi bugs, showing widespread vulnerability.
How can firewalls be bypassed in SQLi attacks?
Obfuscation techniques like using floating-point notation (e.g., 1.e(1)) can evade pattern-matching firewalls designed to block classic injection strings.
What was the MOVEit SQLi breach?
MOVEit, used by payroll services, was exploited using SQLi by the Cl0p ransomware group, affecting thousands of companies and millions of users.
What are parameterized queries and why are they effective?
They separate user input from SQL logic, preventing SQL injection. Input is bound to placeholders, and parsed before execution.
What’s a bad usage of PreparedStatement?
If the query string is built with user input before preparing the statement, it negates protection and is no better than raw queries.
What role does education play in SQLi prevention?
Many devs are unaware or undertrained in SQLi. Even textbooks can present insecure patterns as safe. Teaching secure practices is critical.
What are mitigation strategies for SQLi?
Use parameterized queries, apply least privilege, audit code, educate developers, and use security tools to scan for SQLi vulnerabilities.
Can AI tools create or prevent SQLi?
Text-to-SQL tools may generate vulnerable code, but tools like GitHub Copilot can also produce secure code using prepared statements when prompted properly.
Where might you unexpectedly find SQL and SQLi?
Even IoT devices like smart torque wrenches have been found to run SQL backends and be vulnerable to SQLi, leading to industrial sabotage risk.
