L21: SQL Vulnerabilities

Use the raw slides from L20 (pdf) before lecture to take notes on the SQL portion. We will finish the SQL unit we started in L20. The material here will help you with crafting a SQL injection attack in Project 6.

Summary

  • Basic SQL commands like CREATE, INSERT, UPDATE, SELECT
  • How to filter results using WHERE
  • How to join results using UNION
  • The basic idea behind SQL injection
  • Examples
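As an added example (not the course's bad.py, and not code from the lecture), the script below builds a small in-memory sqlite3 database with the constructed tables users and admins, runs the basic commands from the summary (CREATE, INSERT, SELECT with WHERE, UNION), and then shows the core idea behind SQL injection: a login check built with string formatting lets user input change the structure of the query, while the same check with parameterized placeholders treats the input as plain data. The function and table names are assumptions made for the example.

```python
import sqlite3


def make_db():
    """Constructed sample database: two tables with a few rows (not from the course)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, password TEXT)")
    conn.execute("CREATE TABLE admins (name TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)",
                     [("alice", "s3cret"), ("bob", "hunter2")])
    conn.execute("INSERT INTO admins VALUES (?)", ("carol",))
    conn.commit()
    return conn


def names_with_union(conn):
    """UNION joins the result rows of two SELECTs into one list (duplicates removed)."""
    rows = conn.execute(
        "SELECT name FROM users UNION SELECT name FROM admins ORDER BY name")
    return [row[0] for row in rows]


def login_vulnerable(conn, name, password):
    """Vulnerable pattern: the input is pasted into the SQL text, so quote
    characters in it become part of the query's grammar."""
    query = (f"SELECT name FROM users "
             f"WHERE name = '{name}' AND password = '{password}'")
    return sorted(row[0] for row in conn.execute(query))


def login_safe(conn, name, password):
    """Safe pattern: '?' placeholders are bound by the driver, so the input is
    always compared as a string value and never parsed as SQL."""
    query = "SELECT name FROM users WHERE name = ? AND password = ?"
    return sorted(row[0] for row in conn.execute(query, (name, password)))


if __name__ == "__main__":
    db = make_db()
    print("UNION of users and admins:", names_with_union(db))
    # Correct credentials match exactly one row in both versions.
    print("alice/s3cret (vulnerable):", login_vulnerable(db, "alice", "s3cret"))
    print("alice/s3cret (safe):      ", login_safe(db, "alice", "s3cret"))
    # The classic tautology: the WHERE clause becomes
    #   name = 'alice' AND password = '' OR '1'='1'
    # which is true for every row, so the "password" check is bypassed.
    crafted = "' OR '1'='1"
    print("tautology (vulnerable):", login_vulnerable(db, "alice", crafted))
    print("tautology (safe):      ", login_safe(db, "alice", crafted))
```

Running it prints the UNION result `['alice', 'bob', 'carol']`, then `['alice']` for the real password in both versions; with the crafted input the string-formatted query returns every user while the parameterized query returns nothing, which is exactly why the fix for this class of bug is to bind parameters rather than to filter quotes.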

Demonstrations

Here are some screencasts of the basic SQL demonstration. The lecture video will include some more advanced commands and walk through the attacks on the bad.py program.

Basic commands with sqlite3:

UNION and other commands with sqlite3: