CEH Module 13: SQL Injection

<- Back to CEH Certification Main Page

ceh-sql-injection.jpg
  • SQL Injection Concepts
    • What is SQL Injection?
    • Why Bother about SQL Injection?
    • How Web Applications Work?
    • SQL Injection and Server-side Technologies
    • Understanding HTTP Post Request
    • Example: Normal SQL Query
    • Understanding an SQL Injection Query
      • Code Analysis
    • Example of a Web App Vulnerable to SQL Injection
      • BadProductList.aspx
      • Attack Analysis
    • Example of SQL Injection
      • Updating Table
      • Adding New Records
      • Identifying the Table Name
      • Deleting a Table
  • Types of SQL Injection
    • Error Based SQL Injection
    • Union SQL Injection
    • Blind SQL Injection
    • No Error Messages Returned
    • Blind SQL Injection: WAITFOR DELAY (YES or NO Response)
    • Boolean Exploitation Technique
  • SQL Injection Methodology
    • Information Gathering and SQL Injection Vulnerability Detection
      • Information Gathering
      • Identifying Data Entry Paths
      • Extracting Information through Error Messages
      • Testing for SQL Injection
      • Additional Methods to Detect SQL Injection
      • SQL Injection Black Box Pen Testing
      • Source Code Review to Detect SQL Injection Vulnerabilities
    • Launch SQL Injection Attacks
      • Perform Union SQL Injection
      • Perform Error Based SQL Injection
      • Perform Error Based SQL Injection: Using Stored Procedure Injection
      • Bypass Website Logins Using SQL Injection
      • Perform Blind SQL Injection – Exploitation (MySQL)
      • Blind SQL Injection
        • Extract Database User
        • Extract Database Name
        • Extract Column Name
        • Extract Data from ROWS
      • Perform Double Blind SQL Injection - Classical Exploitation (MySQL)
        • Perform Blind SQL Injection Using Out of Band Exploitation Technique
      • Exploiting Second-Order SQL Injection
    • Advanced SQL Injection
      • Database, Table, and Column Enumeration
      • Advanced Enumeration
      • Features of Different DBMSs
      • Creating Database Accounts
      • Password Grabbing
      • Grabbing SQL Server Hashes
      • Extracting SQL Hashes (In a Single Statement)
      • Transfer Database to Attacker's Machine
      • Interacting with the Operating System
      • Interacting with the File System
      • Network Reconnaissance Using SQL Injection
      • Network Reconnaissance Full Query
  • SQL Injection Tools
    • BSQLHacker
    • Marathon Tool
    • SQL Power Injector
    • Havij
    • SQL Injection Tools
    • SQL Injection Tool for Mobile
      • DroidSQLi
      • sqlmapchik
  • Evasion Techniques
    • Evading IDS
    • Types of Signature Evasion Techniques
    • Evasion Technique
      • Sophisticated Matches
      • Hex Encoding
      • Manipulating White Spaces
      • In-line Comment
      • Char Encoding
      • String Concatenation
      • Obfuscated Codes
  • Counter-measures
    • How to Defend Against SQL Injection Attacks?
    • How to Defend Against SQL Injection Attacks: Use Type-Safe SQL Parameters
    • How to Defend Against SQL Injection Attacks
    • SQL Injection Detection Tool
      • dotDefender
      • IBM Security AppScan
      • WebCruiser
    • Snort Rule to Detect SQL Injection Attacks
    • SQL Injection Detection Tools

<- Back to CEH Certification Main Page

RELATED COURSES