Chapter 28: Databases Under Attack


Overview

Data are basic and vitally important in all areas of activity. Examples include credit card numbers, personal information about users, and information about hijacked cars. The contents of chats and forums are also stored in databases. Penetration of a corporate (military, government) database is the worst thing that can happen to a company or organization. Strangely, even critical servers often have little or no protection and can be hacked without any serious effort, even by 12-year-old kids who have mastered the command line.

Database servers are the most critical informational resources. Therefore, they must reside on dedicated servers within the internal corporate network and must be protected by a router or firewall. Interaction with databases is usually carried out through the Web server located within the DMZ (see Chapter 23 for more details).

Placing the database server on the same host as the Web server cannot be tolerated, not only for technical reasons but also for legal considerations. Laws in many countries dictate a special policy for storing confidential data, especially information about a company's clients. Nevertheless, combining the database server and the Web server is a normal practice nowadays. As a rule, this is done for economy.

Having captured control over the Web server (practically no Web server can avoid buffer overflow errors or other security holes), the attacker would gain access to all data stored in the database.

The database server, like any other server, is subject to design errors, among which buffer overflows dominate. Most buffer overflows allow the attacker to capture control over the remote computer and inherit administrative privileges. A typical example of such an error is the vulnerability detected in Microsoft SQL Server, which became the cause of a massive virus epidemic. MySQL didn't avoid this fate. Version 3.23.31 failed after receiving queries such as select a.AAAAAAA...AAAAAA.b. If the string causing the buffer overflow was specially prepared, the database server passed control to the shellcode. At the same time, the attack could be carried out through the browser by passing something like script.php?index=a.(shell-code).b as the URL.
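Because the overlong string reaches the database through a URL parameter, it leaves a trace in the Web server's access log. The following is an added example, not code from the book: a log check that flags query parameters whose decoded value is overlong or contains non-printable bytes. The function names, the 64-byte limit, and the sample log lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, unquote_to_bytes

# Assumed policy limit: no legitimate parameter on this site needs more bytes.
MAX_VALUE_LEN = 64

# Matches the request portion of a common-log-format line.
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

# Constructed sample log lines (documentation addresses, made-up requests).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2024:10:00:00 +0000] '
    '"GET /script.php?index=42 HTTP/1.1" 200 512',
    '192.0.2.11 - - [01/Jan/2024:10:00:05 +0000] '
    '"GET /script.php?index=a.' + "A" * 300 + '.b HTTP/1.1" 500 0',
    '192.0.2.12 - - [01/Jan/2024:10:00:09 +0000] '
    '"GET /script.php?index=a.%01%80%ff.b HTTP/1.1" 500 0',
]


def inspect_value(raw_value):
    """Return the reasons a still percent-encoded value looks unsafe."""
    data = unquote_to_bytes(raw_value.replace("+", " "))
    reasons = []
    if len(data) > MAX_VALUE_LEN:
        reasons.append("overlong")
    # Anything outside printable ASCII has no place in an identifier or index.
    if any(b < 0x20 or b > 0x7E for b in data):
        reasons.append("non-printable")
    return reasons


def flag_requests(log_lines):
    """Return (line number, parameter name, reasons) for suspicious requests."""
    findings = []
    for number, line in enumerate(log_lines, start=1):
        match = REQUEST_RE.search(line)
        if not match:
            continue
        query = urlsplit(match.group(1)).query
        for pair in filter(None, query.split("&")):
            name, _, raw = pair.partition("=")
            reasons = inspect_value(raw)
            if reasons:
                findings.append((number, name, reasons))
    return findings


if __name__ == "__main__":
    for finding in flag_requests(SAMPLE_LOG):
        print(finding)
```

The same length and character checks belong in the script itself, before the parameter is placed into a query, so that a malformed value never reaches the database server.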

However, even Microsoft SQL Server protected by a firewall can be attacked using a vulnerable script or weak authentication mechanism. It is impossible to cover all methods of attack in this chapter. Nevertheless, illustrating a couple of the favorite hacking techniques is a realistic task.



Shellcoder's Programming Uncovered
ISBN: 193176946X
EAN: 2147483647
Year: 2003
Pages: 164
