reply to discussion below-wk5cmit colins


Having an unsecured website on the internet, whether because code vulnerability assessments have not been completed or because form fields on the site are unsanitized, can leave a huge hole for hackers to jump right in and completely mess up any SQL tables running on the database server or even attack the servers themselves.


By allowing SQL commands to be sent through the form fields (obviously not on purpose, but by oversight), the attacker can just type in an SQL query to check if the form is vulnerable to SQL insertion. In a guide written by Haroon Meer, he would input something like:

blah' OR 1=1--

and if the form or web page returned an error that looked like:

Microsoft OLE DB Provider for SQL Server error ‘80040e14’

Unclosed quotation mark before the character string ” and Password=”.

/login.asp, line 40

then the attacker knows that the form did not sanitize form fields and allowed SQL to pass through to the SQL database. Now the attacker would easily be able to continue sending commands through the form field to log in as different users or create accounts, give them administrator access, then either steal everyone's information or wreak havoc by deleting all of the tables.

This short guide (citation below) was very brief but easy to read, covering how to test a website for SQL insertion vulnerabilities, then how to try logging in as an administrator, and then how to read tables and gather usernames. This certainly helped explain it a bit better than the CEH handbook!

Meer, H. (n.d.). SQL Insertion. Retrieved June 16, 2019, from https://www.cgisecurity.com/lib/SQLinsertion.htm
