
SQL Injection, Password cracking attack & more

I know a few testers who do hardcore security testing. They use cool open-source tools for their testing activity. Today, I am going to list a few things that might help you in your testing activity for the security quality criterion.

Web Application

– SQL Injection

You might have heard about this. In many discussions I have seen that when someone asks, “How to do SQL Injection?”, there are hundreds of people who respond by giving some URL and saying to try a few queries from a cheat sheet, etc.

But what I say is that SQL Injection requires learning the SQL dialects of MySQL, Oracle, Sybase, etc. When you understand them, you do not need a cheat sheet, which is limited to some extent.

A Trap: You might be sending MySQL syntax when the database is Oracle. This is where your skills come into the picture: you need to know what the database is, because that decides which query you use in your next step.

– Dictionary Attack

I have seen products where there is a password strength indicator which says whether the password is poor, weak, strong, or very strong. They use algorithms like alpha | alphanumeric | alpha + numeric | special characters | one number + one alphabet | one uppercase letter etc. Different products might have different algorithms for this password strength indicator.

A dictionary attack uses a text file which contains all the words listed in a dictionary. It can be used to crack the passwords of users who keep simple passwords that appear in the dictionary.

Example passwords that could be cracked with this technique:

  • Apple
  • Oxford
  • Biology

 

NOTE: Also applicable for Desktop or standalone application(s)
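
An added example (not from the original post): a character-class score of the kind described above rates a decorated dictionary word highly, so a defensive strength indicator should also look the password up in a wordlist. The wordlist, substitution table, thresholds and function names are assumptions made for illustration.

```python
import re

# Constructed sample wordlist (assumption); real checks load a large dictionary file.
SAMPLE_WORDLIST = {"apple", "oxford", "biology", "password", "welcome"}
# Common character substitutions undone before the lookup (illustrative subset).
SUBSTITUTIONS = str.maketrans({"0": "o", "3": "e", "4": "a", "5": "s",
                               "7": "t", "@": "a", "$": "s"})
EDGE_NON_LETTERS = re.compile(r"^[^a-z]+|[^a-z]+$")


def composition_score(password):
    """Count character classes present (0-4), as a rule-based indicator would."""
    classes = (r"[a-z]", r"[A-Z]", r"[0-9]", r"[^A-Za-z0-9]")
    return sum(1 for pattern in classes if re.search(pattern, password))


def dictionary_core(password, wordlist=SAMPLE_WORDLIST):
    """Return the dictionary word the password reduces to, or None."""
    lowered = password.lower()
    stripped = EDGE_NON_LETTERS.sub("", lowered)        # "oxford2010!" -> "oxford"
    unsubbed = lowered.translate(SUBSTITUTIONS)         # "bi0l0gy" -> "biology"
    candidates = (lowered, stripped, unsubbed,
                  EDGE_NON_LETTERS.sub("", unsubbed),   # "@pple1" -> "apple"
                  stripped.translate(SUBSTITUTIONS))
    for candidate in candidates:
        if candidate in wordlist:
            return candidate
    return None


def rate(password):
    """Label a password using the post's scale; thresholds are assumptions."""
    if dictionary_core(password):
        return "poor"            # guessable from a wordlist regardless of decoration
    score = composition_score(password)
    if len(password) >= 12 and score >= 3:
        return "very strong"
    if len(password) >= 8 and score >= 2:
        return "strong"
    return "weak"


if __name__ == "__main__":
    for sample in ("Apple", "Oxford2010!", "Bi0l0gy", "tR8#vq2Lm!zx"):
        print(sample, composition_score(sample), rate(sample))
```

"Oxford2010!" contains all four character classes, yet it reduces to a dictionary word and is rated poor.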

– Brute Force Attack

I love this technique. There are different ways in which you can implement this. Write your own code to implement it, or use tools that are already available, like Cain & Abel, Brutus, etc. Please do some research on this technique using Google.

– Captcha

My quote, “Where there is no captcha, there are always lovely bots”. Brute force and dictionary attack techniques are much more feasible where there is no captcha. Whenever you report that there is no captcha, explain why it is dangerous not to have one, so that your readers understand that a captcha really has to be added.
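
An added example (not from the original post) of the server-side logic a captcha finding asks for: count recent failed logins per account and per source, and require a captcha once a threshold is reached. The class name, thresholds and the constructed attempt lists are assumptions made for illustration.

```python
from collections import defaultdict, deque


class CaptchaGate:
    """Sliding-window count of failed logins, per account and per source."""

    def __init__(self, max_failures=3, window_seconds=300):
        self.max_failures = max_failures
        self.window = window_seconds
        self._failures = defaultdict(deque)   # key -> timestamps of failures

    def _recent(self, key, now):
        queue = self._failures[key]
        while queue and now - queue[0] > self.window:
            queue.popleft()                    # forget failures outside the window
        return len(queue)

    def record_failure(self, account, source, now):
        for key in (("account", account), ("source", source)):
            self._failures[key].append(now)

    def record_success(self, account):
        # A correct login clears the account counter, not the source counter.
        self._failures.pop(("account", account), None)

    def captcha_required(self, account, source, now):
        return (self._recent(("account", account), now) >= self.max_failures
                or self._recent(("source", source), now) >= self.max_failures)


def first_challenge(attempts, gate):
    """Index of the first attempt that would be shown a captcha, or None."""
    for index, (ts, account, source, ok) in enumerate(attempts):
        if gate.captcha_required(account, source, ts):
            return index
        if ok:
            gate.record_success(account)
        else:
            gate.record_failure(account, source, ts)
    return None


# Constructed samples: (timestamp in seconds, account, source address, success).
ONE_ACCOUNT = [(t, "alice", "203.0.113.7", False) for t in (0, 2, 4, 6, 8)]
MANY_ACCOUNTS = [(t, name, "203.0.113.7", False)
                 for t, name in enumerate(("ann", "bob", "cat", "dan"))]
FORGETFUL_USER = [(t, "erin", "198.51.100.4", False) for t in (0, 400, 800)]

if __name__ == "__main__":
    for sample in (ONE_ACCOUNT, MANY_ACCOUNTS, FORGETFUL_USER):
        print(first_challenge(sample, CaptchaGate()))
```

Counting per source as well as per account means a wordlist tried across many accounts from one address is challenged too, while a user who mistypes occasionally is not.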

– Cross Site Scripting – XSS

I am bored with some testers always using the famous tag below to conclude whether a field is vulnerable to XSS or not:

>> <script type="text/javascript">alert("document.cookie")</script> <<

Please learn about JavaScript and related topics like cookies, cookie stealing, etc. to become an XSS guru. Do not just keep a few tags in your notepad and copy-paste them every time.

I hope you enjoyed this blog post. If you want me to write more about this topic, let me know and I will extend this blog post. It depends on how many of you liked this and want more on this topic.


SanthoshTuppad

Software Tester, Product Innovator, Security Enthusiast at Test Insane Software Testing Services
I have been a software tester for over 5 years. I am a hands-on tester and I've been winning bug battles & testing competitions across the world. I am a testing enthusiast, who conducts free workshops on security testing across India (Covered locations: Bengaluru, Pune, Hyderabad & Chennai. Invite him to come to your location), and monthly meets for testers in Bengaluru. I am also an avid testing blogger.

My interests include traveling, driving my SUV, health & fitness and many others. I mentor budding entrepreneurs, testers, teams in any profession.

20 Comments

  1. Mohit Verma wrote:

    Hi Santhosh,

    Nice Sharing. I would really like to know more techniques. So keep them coming.

    With Regards
    Mohit Verma

    Sunday, April 11, 2010 at 10:05 pm | Permalink
  2. @Mohit,
    Sure. I will post them tomorrow ( April 13th, 2010 ). Thanks for your comment and wanting to know more :) Please shoot your questions any time to me.

    Sunday, April 11, 2010 at 10:27 pm | Permalink
  3. Mohit Verma wrote:

    @Santhosh,

    I will be waiting. I also agree with you that we should learn JavaScript. In fact, I started to do so two days ago :)

    Sunday, April 11, 2010 at 10:55 pm | Permalink
  4. @Mohit,
    Try http://w3schools.com/ for your reference while you are learning Javascript :)

    Monday, April 12, 2010 at 12:39 am | Permalink
  5. Nandagopal wrote:

    Hi Santhosh,

    Nice post. Please share more techniques. Will be very helpful. :)

    Monday, April 12, 2010 at 1:45 am | Permalink
  6. Sure :)

    Monday, April 12, 2010 at 10:47 am | Permalink
  7. Santhosh,

    I loved the way you summarized for a starter. It would be good if you could include an example for each of the concept you explain.

    I have been researching XSS recently. All I get on the web is tons of data and no practical ways to do it. Maybe my search capabilities are limited. I really don’t know.

    It may even be a good idea to record your testing and post it for Security Testing dummies like me :)

    How about a Security Workshop?

    Regards,
    Parimala Shankaraiah

    Tuesday, April 13, 2010 at 6:21 pm | Permalink
  8. @Parimala,
    Security Testing Workshop sounds great. I will do it soon, within a month. My workshop will be completely hands-on, with examples. Breaking the code :)

    Thanks,
    Santhosh Shivanand Tuppad

    Wednesday, April 14, 2010 at 1:21 am | Permalink
  9. Gaurav Pant wrote:

    Nice one Santosh:)
    would like to hear more on the subject from you.

    Regards,
    Gaurav Pant

    Wednesday, April 14, 2010 at 4:40 am | Permalink
  10. @Gaurav,
    Thank you my friend :) I will surely come up with more on this subject.

    Thanks,
    Santhosh Shivanand Tuppad

    Wednesday, April 14, 2010 at 4:43 am | Permalink
  11. Will be very excited to attend your Security Workshop. Count me in.

    Thursday, April 15, 2010 at 1:18 am | Permalink
  12. @Sharath Byregowda,
    Thanks for your comment and interest :)

    Cheers,
    Santhosh Shivanand Tuppad

    Thursday, April 15, 2010 at 1:56 am | Permalink
  13. Dipan Patel wrote:

    I like it very much. Please elaborate more and give some more example so that it will be more interesting to understand.

    Monday, June 14, 2010 at 4:39 am | Permalink
  14. @Dipan Patel,
    Thank you very much for your comment. I would surely elaborate on the topics covered in upcoming blog post if I write on this topic.

    Thanks,
    Santhosh Shivanand Tuppad

    Tuesday, June 15, 2010 at 7:47 am | Permalink
  15. Upendra wrote:

    Hi Santhosh

    This is really a good post on SQL injection and password cracking.

    Adding to this, here is a list of the top 10 security risks that a web application is vulnerable to:

    – Cross Site Scripting (XSS / CSS)
    – Injection Flaws
    – Malicious File Execution
    – Insecure Direct Object Reference
    – Cross Site Request Forgery (XSRF / CSRF)
    – Information Leakage and Improper Error Handling
    – Broken Authentication and Session Management
    – Insecure Cryptographic Storage
    – Insecure Communications
    – Failure to Restrict URL Access

    Ensuring that an application is secure of all these vulnerabilities is the biggest challenge.

    I am just at the initial stages of exploring and learning penetration testing. It would be great if we could organise Security Testing workshops, as mentioned by some of the folks, to make this interesting and fun. It would certainly help in taking this up further.

    Friday, August 6, 2010 at 9:32 pm | Permalink
  16. Thanks Upendra for your comment and listing down the different risks. Yes, we could organize a workshop where different testers share knowledge on security testing, different techniques and etc. We will have a discussion soon about it and thanks for your interest in it.

    Cheers,
    Santhosh Shivanand Tuppad

    Saturday, August 7, 2010 at 11:02 am | Permalink
  17. Snehasish wrote:

    Hi Santosh,

    Please inform me also when you are going to organize a Security Testing workshop.

    Cheers,
    Snehasish Saha

    Wednesday, September 21, 2011 at 5:40 am | Permalink
  18. Surely I would let you know my dear friend.

    Monday, September 26, 2011 at 5:52 am | Permalink
  19. Arpit Singhal wrote:

    Hi Santhosh,

    I want to learn security testing. Please inform me also when you are going to organize a security testing workshop.

    Also, do you have any YouTube link?

    Regards,
    Arpit

    Monday, July 14, 2014 at 8:21 pm | Permalink
  20. Hi Arpit, Please have a look at this; https://www.facebook.com/santhosh.tuppad/posts/821802011172900

    Monday, July 21, 2014 at 2:25 am | Permalink

One Trackback/Pingback

  1. […] This post was mentioned on Twitter by Santhosh Tuppad. Santhosh Tuppad said: http://tuppad.com/blog/2010/04/11/sql-injection-password-cracking-attack-more/ – SQL Injection, Password Cracking & More… […]
