Author

Justin Clarke

Bio: Justin Clarke is an academic researcher. The author has contributed to research in topics: SQL injection & Data Transformation Services. The author has an h-index of 4, co-authored 9 publications receiving 214 citations.

Papers
Book
05 May 2009
TL;DR: Securing SQL Server, Second Edition is the only book to provide a complete understanding of SQL injection, from the basics of vulnerability to discovery, exploitation, prevention, and mitigation measures.
Abstract: SQL Injection Attacks and Defense, First Edition: Winner of the Best Book Bejtlich Read Award. "SQL injection is probably the number one problem for any server-side application, and this book is unequaled in its coverage." - Richard Bejtlich, Tao Security blog

SQL injection represents one of the most dangerous and well-known, yet misunderstood, security vulnerabilities on the Internet, largely because there is no central repository of information available for penetration testers, IT security consultants and practitioners, and web/software developers to turn to for help. SQL Injection Attacks and Defense, Second Edition is the only book devoted exclusively to this long-established but recently growing threat. This is the definitive resource for understanding, finding, exploiting, and defending against this increasingly popular and particularly destructive type of Internet-based attack.

SQL Injection Attacks and Defense, Second Edition includes all the currently known information about these attacks and significant insight from its team of SQL injection experts, who tell you about: Understanding SQL Injection - Understand what it is and how it works; Find, confirm and automate SQL injection discovery; Tips and tricks for finding SQL injection within code; Create exploits for using SQL injection; Design apps to avoid the dangers of these attacks; SQL injection on different databases; SQL injection on different technologies; SQL injection testing techniques; Case Studies.

Securing SQL Server, Second Edition is the only book to provide a complete understanding of SQL injection, from the basics of vulnerability to discovery, exploitation, prevention, and mitigation measures. Covers unique, publicly unavailable information, by technical experts in such areas as Oracle, Microsoft SQL Server, and MySQL, including new developments for Microsoft SQL Server 2012 (Denali). Written by an established expert, author, and speaker in the field, with contributions from a team of equally renowned creators of SQL injection tools, applications, and educational materials.

Table of Contents: Chapter 1. Introduction; Chapter 2. History of SQL Injection; Chapter 3. Understanding SQL Injection; Chapter 4. SQL Injection on Different Databases; Chapter 5. SQL Injection on Different Technologies; Chapter 6. SQL Injection Testing Techniques; Chapter 7. Defenses; Chapter 8. Case Studies; Appendices - SQL Injection Cheat Sheet

161 citations

Book Chapter
01 Jan 2009
TL;DR: This chapter provides the causes of SQL injection, the vulnerability that results when one gives an attacker the ability to influence the Structured Query Language (SQL) queries that an application passes to a back-end database.
Abstract: This chapter provides the causes of SQL injection. SQL injection is one of the most devastating vulnerabilities to impact a business, as it can lead to exposure of all of the sensitive information stored in an application's database, including handy information such as usernames, passwords, names, addresses, phone numbers, and credit card details. SQL injection is the vulnerability that results when one gives an attacker the ability to influence the Structured Query Language (SQL) queries that an application passes to a back-end database. By being able to influence what is passed to the database, the attacker can leverage the syntax and capabilities of SQL itself, as well as the power and flexibility of supporting database functionality and operating system functionality available to the database. SQL injection is not a vulnerability that exclusively affects Web applications; any code that accepts input from an untrusted source and then uses that input to form dynamic SQL statements could be vulnerable.

42 citations

Book Chapter
01 Jan 2009
TL;DR: This chapter discusses techniques for finding SQL injection issues from the perspective of the user sitting in front of his browser and interacting with a Web application to identify anomalies in the server response and determine whether they are generated by an SQL injection vulnerability.
Abstract: Publisher Summary: This chapter discusses techniques for finding SQL injection issues from the perspective of the user sitting in front of his browser and interacting with a Web application. SQL injection is present in any front-end application accepting data entry from a system or user, which is then used to access a database server. In a Web environment, the Web browser is a client acting as a front end requesting data from the user and sending it to the remote server, which creates SQL queries using the submitted data. The main goal at this stage is to identify anomalies in the server response and determine whether they are generated by an SQL injection vulnerability. There is one simple rule for identifying SQL injection vulnerabilities: Trigger anomalies by sending unexpected data. This rule implies that one identifies all the data entry on the Web application, knows what kind of request might trigger anomalies, and detects anomalies in the response from the server.

11 citations

Book Chapter
01 Jan 2009
TL;DR: This chapter provides an introduction to the basic Structured Query Language (SQL) and provides a series of SQL injection cheat sheets for quickly jumping to the material.
Abstract: Publisher Summary: This chapter provides an introduction to the basic Structured Query Language (SQL). It also provides a series of SQL injection cheat sheets for quickly jumping to the material. SQL queries are made up of one or more SQL statements that are effectively instructions for the database server to carry out. The most common SQL statements one encounters when working with a database or performing SQL injections are SELECT, INSERT, UPDATE, CREATE, UNION SELECT, and DELETE. SQL queries that are designed to read, delete, or update table data often include a conditional clause to target specific rows in a table. A conditional clause begins with WHERE followed by the condition. The OR and AND operators are used when multiple conditions are to be evaluated. In addition, there is a brief discussion on SQL injection; a common task when exploiting an SQL injection flaw is to identify the back-end database platform. The most commonly encountered database platforms are Microsoft SQL Server, Oracle, and MySQL. The Oracle Database Server includes the utl_http package that one uses to establish outbound HTTP connections from the database server host. It is possible to abuse this package to extract database data via HTTP connections to any TCP port.

9 citations

Book Chapter
01 Jan 2009
TL;DR: This chapter provides a set of techniques that are aimed at transforming a vulnerability into a fully fledged attack by using UNION statements to extract data by appending to the results returned by the original query.
Abstract: This chapter provides a set of techniques that are aimed at transforming a vulnerability into a fully fledged attack. The first and simplest form of exploitation uses UNION statements to extract data by appending to the results returned by the original query. UNION statements allow the attacker to extract a vast amount of information in a very fast and reliable way, making this technique a powerful weapon in the arsenal. In case UNION-based attacks aren't a viable option, one can extract data by using conditional statements that trigger a different response from the database depending on the value of a certain bit of information. The chapter also explores a number of different variants of this technique, as such responses can be different in terms of time needed to complete, in terms of success or failure, or in terms of contents of the returned page.

3 citations


Cited by
Posted Content
TL;DR: This extensive survey paper aims to elaborate and analyze the numerous unresolved issues threatening the Cloud computing adoption and diffusion affecting the various stake-holders linked to it.
Abstract: Cloud Computing holds the potential to eliminate the requirements for setting up of high-cost computing infrastructure for the IT-based solutions and services that the industry uses. It promises to provide a flexible IT architecture, accessible through internet for lightweight portable devices. This would allow many-fold increase in the capacity or capabilities of the existing and new software. In a cloud computing environment, the entire data reside over a set of networked resources, enabling the data to be accessed through virtual machines. Since these data centers may lie in any corner of the world beyond the reach and control of users, there are multifarious security and privacy challenges that need to be understood and taken care of. Also, one can never deny the possibility of a server breakdown that has been witnessed, rather quite often in the recent times. There are various issues that need to be dealt with respect to security and privacy in a cloud computing scenario. This extensive survey paper aims to elaborate and analyze the numerous unresolved issues threatening the Cloud computing adoption and diffusion affecting the various stake-holders linked to it.

242 citations

Journal Article
TL;DR: This extensive survey paper aims to elaborate and analyze the numerous unresolved issues threatening the cloud computing adoption and diffusion affecting the various stake-holders associated with it.
Abstract: Cloud Computing holds the potential to eliminate the requirements for setting up of high-cost computing infrastructure for IT-based solutions and services that the industry uses. It promises to provide a flexible IT architecture, accessible through internet for lightweight portable devices. This would allow multi-fold increase in the capacity or capabilities of the existing and new software. In a cloud computing environment, the entire data reside over a set of networked resources, enabling the data to be accessed through virtual machines. Since these data-centers may lie in any corner of the world beyond the reach and control of users, there are multifarious security and privacy challenges that need to be understood and taken care of. Also, one can never deny the possibility of a server breakdown that has been witnessed, rather quite often in the recent times. There are various issues that need to be dealt with respect to security and privacy in a cloud computing scenario. This extensive survey paper aims to elaborate and analyze the numerous unresolved issues threatening the cloud computing adoption and diffusion affecting the various stake-holders linked to it.

122 citations

Proceedings Article
Y. Kosuga, K. Kernel, M. Hanaoka, M. Hishiyama, Yu. Takahama
01 Dec 2007
TL;DR: The technique, Sania, for detecting SQL injection vulnerabilities in Web applications during the development and debugging phases is presented and it is found that the solution is efficient in comparison with a popular Web application vulnerabilities scanner.
Abstract: With the recent rapid increase in interactive Web applications that employ back-end database services, an SQL injection attack has become one of the most serious security threats. The SQL injection attack allows an attacker to access the underlying database, execute arbitrary commands at intent, and receive a dynamically generated output, such as HTML Web pages. In this paper, we present our technique, Sania, for detecting SQL injection vulnerabilities in Web applications during the development and debugging phases. Sania intercepts the SQL queries between a Web application and a database, and automatically generates elaborate attacks according to the syntax and semantics of the potentially vulnerable spots in the SQL queries. In addition, Sania compares the parse trees of the intended SQL query and those resulting after an attack to assess the safety of these spots. We evaluated our technique using real-world Web applications and found that our solution is efficient in comparison with a popular Web application vulnerabilities scanner. We also found a vulnerability in a product that was just about to be released.

118 citations

Dissertation
01 Jan 2012
TL;DR: In this article, the authors investigate how different load cycle properties affect the cycle life and ageing processes of Li-ion cells developed for use in heavy-duty hybrid electric vehicles (HEVs).
Abstract: Despite a rapid development, cost, performance and durability of the energy storage system are still a hindrance for a wide commercialisation of heavy-duty hybrid electric vehicles (HEV). The purpose of the work presented in this thesis is to investigate how different load cycle properties affect the cycle life and ageing processes of Li-ion cells developed for use in HEVs. The cycle life of commercial LiFePO4/graphite Li-ion cells was tested using a range of operating conditions and battery load cycles based on conditions relevant to heavy-duty HEVs. Established methods for cell performance evaluation have been combined with half-cell measurements and analysis methods such as incremental capacity analysis, differential voltage analysis and impedance spectroscopy to characterise the cell ageing in terms of capacity fade, power fade and impedance rise. Furthermore, a simplified cell fade model is used to distinguish between different likely ageing mechanisms. Loss of cyclable lithium is found to be the main contribution to ageing during the first phase of cycling, followed by an accelerated loss of active anode material towards the end of the battery cycle life. The longest lifetime is observed for cells cycled with low peak currents and a narrow SOC range. In addition, high charge current is found to affect the cycle life profoundly. On the contrary, a moderate temperature increase did not result in a shorter cycle life. Despite similarities in average current and SOC range, the load cycle properties are found to have a significant effect on the ageing characteristics, indicating that a more detailed evaluation of load cycle properties is needed to enable a cycle life estimation model.

116 citations