Chapter 7: Attacking Web Datastores

Overview

The most useful applications present, manipulate, and acquire information for their users. Such data range from web journal entries to widget catalogs to real-time financial information. Users see the colorful front ends that present them with personalized shopping, but they do not see the less glamorous database servers sitting behind the scenes like a great Oz, churning away silently to manage inventory, user logins, e-mail, and other data-related functions. Yet where Oz pulled together contraptions and illusions, an application's database must be reliable and efficient.

The unseen database server is not untouchable. In this chapter, we will show how variables, your username for instance, can be modified to contain special instructions that affect how the database performs. These vulnerabilities, exploited by SQL injection techniques, drive to the heart of the application.

The exploits possible against a SQL injection vulnerability vary from innocuous error generation to full command-line execution. No particular database is fundamentally more secure than another against these exploits. The vulnerability is introduced in the SQL queries and their supporting programmatic interface, whether it's ASP, PHP, Perl, or any other web language. These vulnerabilities arise from the lack of secure coding and secure database configuration, not from the lack of security patches on the database itself.
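The point made above, that the flaw lives in how the query is built rather than in the database product, is easiest to see side by side. The following is an added example, not code from the book: a login check written two ways against a constructed in-memory SQLite table, once by splicing the username into the SQL text and once with driver placeholders. Table, rows and inputs are all made up for the demonstration.

```python
import sqlite3


def make_db():
    # Constructed sample data: one account in an in-memory database.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT)")
    conn.execute("INSERT INTO users VALUES ('alice', 's3cret')")
    conn.commit()
    return conn


def login_vulnerable(conn, username, password):
    # The user-supplied values are spliced straight into the SQL text, so
    # a quote character in the input closes the string literal and whatever
    # follows it is parsed by the database as part of the statement.
    query = ("SELECT username FROM users WHERE username = '%s' "
             "AND password = '%s'" % (username, password))
    return conn.execute(query).fetchone() is not None


def login_parameterized(conn, username, password):
    # The SQL text is fixed; the driver hands the values to the engine
    # separately, so they are only ever compared as data, never parsed.
    query = "SELECT username FROM users WHERE username = ? AND password = ?"
    return conn.execute(query, (username, password)).fetchone() is not None


def demo():
    conn = make_db()
    # Normal credentials: both versions agree.
    good = (login_vulnerable(conn, "alice", "s3cret"),
            login_parameterized(conn, "alice", "s3cret"))
    # A username carrying a quote and a comment marker, with a wrong password.
    # In the concatenated version the trailing password check is commented
    # out; in the parameterized version the odd username simply fails to match.
    tampered = "alice' --"
    bad = (login_vulnerable(conn, tampered, "wrong"),
           login_parameterized(conn, tampered, "wrong"))
    return good, bad


if __name__ == "__main__":
    print(demo())  # ((True, True), (True, False))
```

The same contrast holds for any driver that supports bound parameters; the fix is in the application code, not in the database's patch level.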

HACKING EXPOSED WEB APPLICATIONS, 3rd Edition
ISBN: 0071740643
Year: 2006