{"product_id":"information-systems-security-6th-international-conference-iciss-2010-gandhinagar-india-december-17-19-2010-9783642177132","title":"Information Systems Security: 6th International Conference, Iciss 2010, Gandhinagar, India, December 17-19, 2010","description":"\u003cp\u003e • Author(s): Somesh Jha | Anish Mathuria\u003cbr\u003e • Publisher: Springer\u003cbr\u003e • Publisher Imprint: Springer\u003cbr\u003e • BISAC: Security - Networking\u003c\/p\u003e\u003cp\u003e2.1 Web Application Vulnerabilities. Many web application vulnerabilities have been well documented and the mitigation methods have also been introduced [1]. The most common cause of those vulnerabilities is insufficient input validation. Any data originating from outside of the program code, for example input data provided by a user through a web form, should always be considered malicious and must be sanitized before use. SQL Injection, Remote code execution or Cross-site Scripting are the very common vulnerabilities of that type [3]. Below is a brief introduction to SQL Injection vulnerability, though the security testing method presented in this paper is not limited to it. SQL injection vulnerability allows an attacker to illegally manipulate a database by injecting malicious SQL code into the values of input parameters of HTTP requests sent to the victim web site. Fig. 1. An example of a program written in PHP which contains SQL Injection vulnerability. Figure 1 shows a program that uses the database query function mysql_query to get user information corresponding to the user specified by the GET input parameter username and then print the result to the client browser. A normal HTTP request with the input parameter username looks like http:\/\/example.com\/index.php?username=bob. The dynamically created database query at line 2 is SELECT * FROM users WHERE username= bob AND usertype= user . This program is vulnerable to SQL Injection attacks because mysql_query uses the input value of username without sanitizing malicious code. Malicious code can be a string that contains SQL symbols or keywords. If an attacker sends a request with SQL code ( alice ) injected, http:\/\/example.com\/index.php?username=alice, the query becomes SELECT * FROM users WHERE username= alice -- AND usertype= user .\u003c\/p\u003e","brand":"Springer","offers":[{"title":"Paperback","offer_id":46869918580887,"sku":"9783642177132","price":5700.0,"currency_code":"INR","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0666\/3471\/1191\/files\/9783642177132.webp?v=1769995086","url":"https:\/\/atlanticbooks.com\/products\/information-systems-security-6th-international-conference-iciss-2010-gandhinagar-india-december-17-19-2010-9783642177132","provider":"Atlantic Books","version":"1.0","type":"link"}