Tool based implementation of SQL injection for penetration testing

Author

Nagpal, Bharti ; Singh, Nanhay ; Chauhan, Naresh ; Panesar, Angel

fYear

2015

fDate

15-16 May 2015

Firstpage

746

Lastpage

749

Abstract

Web applications are a fundamental pillar of today´s world. Society depends on them for business and day to day tasks. Because of their extensive use, Web applications are under constant attack by hackers that exploit their vulnerabilities to disrupt business and access confidential information. SQL Injection and Remote File Inclusion are the two most frequently used exploits and hackers prefer easier rather than complicated attack techniques. Every day as number of Internet users are increasing, the vulnerabilities of a system being attacked is becoming easier. SQL Injection is one of the most common attack method that is being used these days. Havij is one of the tools used to implement SQL Injection which will be discussed in this paper. Our research objective is to analyse the use of Havij in penetration testing in IT industry and to compare various SQL Injection tools available in the market.

Keywords

SQL; program testing; Havij tools; IT industry; Internet users; SQL injection; Web applications; attack method; confidential information access; penetration testing; remote file inclusion; system vulnerabilities; tool based implementation; Automation; Computer hacking; Databases; Industries; Servers; Testing; Havij; Implementation of SQL Injection; Penetration Testing; SQLInjection; Tools for SQL Injection;

fLanguage

English

Publisher

ieee

Conference_Titel

Computing, Communication & Automation (ICCCA), 2015 International Conference on

Conference_Location

Noida

Print_ISBN

978-1-4799-8889-1

Type

conf

DOI

10.1109/CCAA.2015.7148509

Filename

7148509