Skoči na glavni sadržaj

Prethodno priopćenje

https://doi.org/10.31803/tg-20211203090618

The Importance of Developing Preventive Techniques for SQL Injection Attacks

Nenad Bedeković ; University North, University Center Varaždin, Jurja Križanića 31b, 42 000 Varaždin, Croatia
Ladislav Havaš orcid id orcid.org/0000-0002-5051-4486 ; University North, University Center Varaždin, Jurja Križanića 31b, 42 000 Varaždin, Croatia
Tomislav Horvat orcid id orcid.org/0000-0002-8358-3218 ; University North, University Center Varaždin, Jurja Križanića 31b, 42 000 Varaždin, Croatia
Dražen Crčić orcid id orcid.org/0000-0001-6658-9266 ; University North, University Center Varaždin, Jurja Križanića 31b, 42 000 Varaždin, Croatia


Puni tekst: engleski pdf 1.403 Kb

str. 523-529

preuzimanja: 1.023

citiraj


Sažetak

Many intentionally vulnerable web applications are circulating on the Internet that serve as a legal test ground for practicing SQL injection attacks. For demonstration purposes the attacks will target an Acunetix test web application created using PHP programming language and MySQL relational database. In the practical part, the execution of the attack itself largely depends on the database management system, so the displayed syntax is intended only for the MySQL database management system. Example of an automated attack will be executed on SQLmap in a Linux Kali virtualized environment. Security guidelines with a purpose of protecting databases are also discussed.

Ključne riječi

database; MySQL; relational database; SQL; SQL injection attack; SQLmap

Hrčak ID:

283790

URI

https://hrcak.srce.hr/283790

Datum izdavanja:

23.9.2022.

Posjeta: 2.313 *