SlideShare ist ein Scribd-Unternehmen logo

SQL Wildcard Attacks Abuse Search Queries

Ferruh Mavituna
Ferruh Mavituna

The document discusses how SQL wildcards can be abused to consume CPU resources on database servers by overloading them with search queries. It notes that many applications with SQL Server backends and a search feature are vulnerable as they allow unrestricted wildcard searches that could return large numbers of records. The SQL Server supports wildcards that can match multiple records, allowing an attacker to craft queries that use wildcards to return very large result sets and overload the database.

Technologie
1 von 8
Downloaden Sie, um offline zu lesen
DO S A TTACKS USING SQL W ILDCARDS Ferruh Mavituna www.portcullis-security.com This paper discusses abusing Microsoft SQL Query wildcards to consume CPU in database servers. This can be achieved using only the search field present in most common web applications1. If an application has the following properties then it is highly possibly vulnerable to wildcard attacks: 1- An SQL Server Backend; 2- More than 300 records in the database and around 500 bytes of data per row; 3- An application level search feature. As you might notice I have just described 90% of Microsoft SQL Server based CMSs, blogs, CRMs and e-commerce web applications. Other databases could be vulnerable depending on how the applications implement search functionalities although common implementation of the search functionality in SQL Server back-end applications is vulnerable. S EARCH Q UERIES The SQ
SQL Wildcard Attacks Abuse Search Queries
SQL Wildcard Attacks Abuse Search Queries
SQL Wildcard Attacks Abuse Search Queries
SQL Wildcard Attacks Abuse Search Queries
SQL Wildcard Attacks Abuse Search Queries
SQL Wildcard Attacks Abuse Search Queries
SQL Wildcard Attacks Abuse Search Queries

Empfohlen

Ce hv6 module 14 denial of service TH3 professional security
Ce hv6 module 14 denial of service TH3 professional securityCe hv6 module 14 denial of service TH3 professional security
Ce hv6 module 14 denial of service TH3 professional securitydefquon
 
CEH - Module 10 : Denial of Service
CEH - Module 10 : Denial of ServiceCEH - Module 10 : Denial of Service
CEH - Module 10 : Denial of ServiceAvirot Mitamura
 
Phishing
PhishingPhishing
Phishingdefquon
 
Visual Design with Data
Visual Design with DataVisual Design with Data
Visual Design with DataSeth Familian
 
3 Things Every Sales Team Needs to Be Thinking About in 2017
3 Things Every Sales Team Needs to Be Thinking About in 20173 Things Every Sales Team Needs to Be Thinking About in 2017
3 Things Every Sales Team Needs to Be Thinking About in 2017Drift
 
How to Become a Thought Leader in Your Niche
How to Become a Thought Leader in Your NicheHow to Become a Thought Leader in Your Niche
How to Become a Thought Leader in Your NicheLeslie Samuel
 
DBMS Vulnerabilities And Threats.pptx
DBMS Vulnerabilities And Threats.pptxDBMS Vulnerabilities And Threats.pptx
DBMS Vulnerabilities And Threats.pptxsiti829412
 
هک پایگاه داده و راهکارهای مقابلهDatabases hacking, safeguards and counterme...
هک پایگاه داده و راهکارهای مقابلهDatabases hacking, safeguards and counterme... هک پایگاه داده و راهکارهای مقابلهDatabases hacking, safeguards and counterme...
هک پایگاه داده و راهکارهای مقابلهDatabases hacking, safeguards and counterme...M Mehdi Ahmadian
 

Empfohlen

Ce hv6 module 14 denial of service TH3 professional security
Ce hv6 module 14 denial of service TH3 professional securityCe hv6 module 14 denial of service TH3 professional security
Ce hv6 module 14 denial of service TH3 professional securitydefquon
 
CEH - Module 10 : Denial of Service
CEH - Module 10 : Denial of ServiceCEH - Module 10 : Denial of Service
CEH - Module 10 : Denial of ServiceAvirot Mitamura
 
Phishing
PhishingPhishing
Phishingdefquon
 
Visual Design with Data
Visual Design with DataVisual Design with Data
Visual Design with DataSeth Familian
 
3 Things Every Sales Team Needs to Be Thinking About in 2017
3 Things Every Sales Team Needs to Be Thinking About in 20173 Things Every Sales Team Needs to Be Thinking About in 2017
3 Things Every Sales Team Needs to Be Thinking About in 2017Drift
 
How to Become a Thought Leader in Your Niche
How to Become a Thought Leader in Your NicheHow to Become a Thought Leader in Your Niche
How to Become a Thought Leader in Your NicheLeslie Samuel
 
DBMS Vulnerabilities And Threats.pptx
DBMS Vulnerabilities And Threats.pptxDBMS Vulnerabilities And Threats.pptx
DBMS Vulnerabilities And Threats.pptxsiti829412
 
هک پایگاه داده و راهکارهای مقابلهDatabases hacking, safeguards and counterme...
هک پایگاه داده و راهکارهای مقابلهDatabases hacking, safeguards and counterme... هک پایگاه داده و راهکارهای مقابلهDatabases hacking, safeguards and counterme...
هک پایگاه داده و راهکارهای مقابلهDatabases hacking, safeguards and counterme...M Mehdi Ahmadian
 
10g sql e book
10g sql e book10g sql e book
10g sql e bookMansoor Abd Algadir
 
Data Base
Data BaseData Base
Data BaseSusan Tullis
 
Bn1030 oracle dba
Bn1030 oracle dbaBn1030 oracle dba
Bn1030 oracle dbaconline training
 
SQL Injection - Newsletter
SQL Injection - NewsletterSQL Injection - Newsletter
SQL Injection - NewsletterSmitha Padmanabhan
 
Sql injection bypassing hand book blackrose
Sql injection bypassing hand book blackroseSql injection bypassing hand book blackrose
Sql injection bypassing hand book blackroseNoaman Aziz
 
Windows azure sql_database_security_isug012013
Windows azure sql_database_security_isug012013Windows azure sql_database_security_isug012013
Windows azure sql_database_security_isug012013sqlserver.co.il
 
Microsoft Sql Server 2016 Is Now Live
Microsoft Sql Server 2016 Is Now LiveMicrosoft Sql Server 2016 Is Now Live
Microsoft Sql Server 2016 Is Now LiveAmber Moore
 
Sql injection
Sql injectionSql injection
Sql injectionTech Bikram
 
SQL Injection and HTTP Flood DDOS Attack Detection and Classification Based o...
SQL Injection and HTTP Flood DDOS Attack Detection and Classification Based o...SQL Injection and HTTP Flood DDOS Attack Detection and Classification Based o...
SQL Injection and HTTP Flood DDOS Attack Detection and Classification Based o...IRJET Journal
 
SQL Injection
SQL InjectionSQL Injection
SQL InjectionAbhinav Nair
 
Practical Approach towards SQLi ppt
Practical Approach towards SQLi pptPractical Approach towards SQLi ppt
Practical Approach towards SQLi pptAhamed Saleem
 
What Are The Best Databases for Web Applications In 2023.pdf
What Are The Best Databases for Web Applications In 2023.pdfWhat Are The Best Databases for Web Applications In 2023.pdf
What Are The Best Databases for Web Applications In 2023.pdfLaura Miller
 
Compare the capabilities of the Microsoft Access, Microsoft SQL Serv.pdf
Compare the capabilities of the Microsoft Access, Microsoft SQL Serv.pdfCompare the capabilities of the Microsoft Access, Microsoft SQL Serv.pdf
Compare the capabilities of the Microsoft Access, Microsoft SQL Serv.pdfarihantplastictanksh
 
Row level security in enterprise applications
Row level security in enterprise applicationsRow level security in enterprise applications
Row level security in enterprise applicationsAlexander Tokarev
 
website database development
website database developmentwebsite database development
website database developmentWebtoniq
 
Practical SQL Azure: Moving into the cloud
Practical SQL Azure: Moving into the cloudPractical SQL Azure: Moving into the cloud
Practical SQL Azure: Moving into the cloudTimothy Corey
 
Sql Sever Presentation.pptx
Sql Sever Presentation.pptxSql Sever Presentation.pptx
Sql Sever Presentation.pptxzeeshanahmed213830
 
Double guard: Detecting Interruptions in N- Tier Web Applications
Double guard: Detecting Interruptions in N- Tier Web ApplicationsDouble guard: Detecting Interruptions in N- Tier Web Applications
Double guard: Detecting Interruptions in N- Tier Web ApplicationsIJMER
 
Brk3043 azure sql db intelligent cloud database for app developers - wash dc
Brk3043 azure sql db intelligent cloud database for app developers - wash dcBrk3043 azure sql db intelligent cloud database for app developers - wash dc
Brk3043 azure sql db intelligent cloud database for app developers - wash dcBob Ward
 
Data Handning with Sqlite for Android
Data Handning with Sqlite for AndroidData Handning with Sqlite for Android
Data Handning with Sqlite for AndroidJakir Hossain
 
One Click Ownage Ferruh Mavituna (3)
One Click Ownage Ferruh Mavituna (3)One Click Ownage Ferruh Mavituna (3)
One Click Ownage Ferruh Mavituna (3)Ferruh Mavituna
 
Web Tarayıcılarının Evrimi
Web Tarayıcılarının EvrimiWeb Tarayıcılarının Evrimi
Web Tarayıcılarının EvrimiFerruh Mavituna
 

Weitere ähnliche Inhalte

Ähnlich wie SQL Wildcard Attacks Abuse Search Queries

Sql injection bypassing hand book blackrose
Sql injection bypassing hand book blackroseSql injection bypassing hand book blackrose
Sql injection bypassing hand book blackroseNoaman Aziz
 
Windows azure sql_database_security_isug012013
Windows azure sql_database_security_isug012013Windows azure sql_database_security_isug012013
Windows azure sql_database_security_isug012013sqlserver.co.il
 
Microsoft Sql Server 2016 Is Now Live
Microsoft Sql Server 2016 Is Now LiveMicrosoft Sql Server 2016 Is Now Live
Microsoft Sql Server 2016 Is Now LiveAmber Moore
 
SQL Injection and HTTP Flood DDOS Attack Detection and Classification Based o...
SQL Injection and HTTP Flood DDOS Attack Detection and Classification Based o...SQL Injection and HTTP Flood DDOS Attack Detection and Classification Based o...
SQL Injection and HTTP Flood DDOS Attack Detection and Classification Based o...IRJET Journal
 
Practical Approach towards SQLi ppt
Practical Approach towards SQLi pptPractical Approach towards SQLi ppt
Practical Approach towards SQLi pptAhamed Saleem
 
What Are The Best Databases for Web Applications In 2023.pdf
What Are The Best Databases for Web Applications In 2023.pdfWhat Are The Best Databases for Web Applications In 2023.pdf
What Are The Best Databases for Web Applications In 2023.pdfLaura Miller
 
Compare the capabilities of the Microsoft Access, Microsoft SQL Serv.pdf
Compare the capabilities of the Microsoft Access, Microsoft SQL Serv.pdfCompare the capabilities of the Microsoft Access, Microsoft SQL Serv.pdf
Compare the capabilities of the Microsoft Access, Microsoft SQL Serv.pdfarihantplastictanksh
 
Row level security in enterprise applications
Row level security in enterprise applicationsRow level security in enterprise applications
Row level security in enterprise applicationsAlexander Tokarev
 
website database development
website database developmentwebsite database development
website database developmentWebtoniq
 
Practical SQL Azure: Moving into the cloud
Practical SQL Azure: Moving into the cloudPractical SQL Azure: Moving into the cloud
Practical SQL Azure: Moving into the cloudTimothy Corey
 
Double guard: Detecting Interruptions in N- Tier Web Applications
Double guard: Detecting Interruptions in N- Tier Web ApplicationsDouble guard: Detecting Interruptions in N- Tier Web Applications
Double guard: Detecting Interruptions in N- Tier Web ApplicationsIJMER
 
Brk3043 azure sql db intelligent cloud database for app developers - wash dc
Brk3043 azure sql db intelligent cloud database for app developers - wash dcBrk3043 azure sql db intelligent cloud database for app developers - wash dc
Brk3043 azure sql db intelligent cloud database for app developers - wash dcBob Ward
 
Data Handning with Sqlite for Android
Data Handning with Sqlite for AndroidData Handning with Sqlite for Android
Data Handning with Sqlite for AndroidJakir Hossain
 

Ähnlich wie SQL Wildcard Attacks Abuse Search Queries (20)

10g sql e book
10g sql e book10g sql e book
10g sql e book
 
Data Base
Data BaseData Base
Data Base
 
Bn1030 oracle dba
Bn1030 oracle dbaBn1030 oracle dba
Bn1030 oracle dba
 
SQL Injection - Newsletter
SQL Injection - NewsletterSQL Injection - Newsletter
SQL Injection - Newsletter
 
Sql injection bypassing hand book blackrose
Sql injection bypassing hand book blackroseSql injection bypassing hand book blackrose
Sql injection bypassing hand book blackrose
 
Windows azure sql_database_security_isug012013
Windows azure sql_database_security_isug012013Windows azure sql_database_security_isug012013
Windows azure sql_database_security_isug012013
 
Microsoft Sql Server 2016 Is Now Live
Microsoft Sql Server 2016 Is Now LiveMicrosoft Sql Server 2016 Is Now Live
Microsoft Sql Server 2016 Is Now Live
 
Sql injection
Sql injectionSql injection
Sql injection
 
SQL Injection and HTTP Flood DDOS Attack Detection and Classification Based o...
SQL Injection and HTTP Flood DDOS Attack Detection and Classification Based o...SQL Injection and HTTP Flood DDOS Attack Detection and Classification Based o...
SQL Injection and HTTP Flood DDOS Attack Detection and Classification Based o...
 
SQL Injection
SQL InjectionSQL Injection
SQL Injection
 
Practical Approach towards SQLi ppt
Practical Approach towards SQLi pptPractical Approach towards SQLi ppt
Practical Approach towards SQLi ppt
 
What Are The Best Databases for Web Applications In 2023.pdf
What Are The Best Databases for Web Applications In 2023.pdfWhat Are The Best Databases for Web Applications In 2023.pdf
What Are The Best Databases for Web Applications In 2023.pdf
 
Compare the capabilities of the Microsoft Access, Microsoft SQL Serv.pdf
Compare the capabilities of the Microsoft Access, Microsoft SQL Serv.pdfCompare the capabilities of the Microsoft Access, Microsoft SQL Serv.pdf
Compare the capabilities of the Microsoft Access, Microsoft SQL Serv.pdf
 
Row level security in enterprise applications
Row level security in enterprise applicationsRow level security in enterprise applications
Row level security in enterprise applications
 
website database development
website database developmentwebsite database development
website database development
 
Practical SQL Azure: Moving into the cloud
Practical SQL Azure: Moving into the cloudPractical SQL Azure: Moving into the cloud
Practical SQL Azure: Moving into the cloud
 
Sql Sever Presentation.pptx
Sql Sever Presentation.pptxSql Sever Presentation.pptx
Sql Sever Presentation.pptx
 
Double guard: Detecting Interruptions in N- Tier Web Applications
Double guard: Detecting Interruptions in N- Tier Web ApplicationsDouble guard: Detecting Interruptions in N- Tier Web Applications
Double guard: Detecting Interruptions in N- Tier Web Applications
 
Brk3043 azure sql db intelligent cloud database for app developers - wash dc
Brk3043 azure sql db intelligent cloud database for app developers - wash dcBrk3043 azure sql db intelligent cloud database for app developers - wash dc
Brk3043 azure sql db intelligent cloud database for app developers - wash dc
 
Data Handning with Sqlite for Android
Data Handning with Sqlite for AndroidData Handning with Sqlite for Android
Data Handning with Sqlite for Android
 

Mehr von Ferruh Mavituna

One Click Ownage Ferruh Mavituna (3)
One Click Ownage Ferruh Mavituna (3)One Click Ownage Ferruh Mavituna (3)
One Click Ownage Ferruh Mavituna (3)Ferruh Mavituna
 
Web Tarayıcılarının Evrimi
Web Tarayıcılarının EvrimiWeb Tarayıcılarının Evrimi
Web Tarayıcılarının EvrimiFerruh Mavituna
 
Insecure Trends in Web 2.0
Insecure Trends in Web 2.0Insecure Trends in Web 2.0
Insecure Trends in Web 2.0Ferruh Mavituna
 
Guvenli Flash Uygulamalari
Guvenli Flash UygulamalariGuvenli Flash Uygulamalari
Guvenli Flash UygulamalariFerruh Mavituna
 
Web 2.0 Guvenlik Trendleri
Web 2.0 Guvenlik TrendleriWeb 2.0 Guvenlik Trendleri
Web 2.0 Guvenlik TrendleriFerruh Mavituna
 

Mehr von Ferruh Mavituna (12)

One Click Ownage Ferruh Mavituna (3)
One Click Ownage Ferruh Mavituna (3)One Click Ownage Ferruh Mavituna (3)
One Click Ownage Ferruh Mavituna (3)
 
Web Tarayıcılarının Evrimi
Web Tarayıcılarının EvrimiWeb Tarayıcılarının Evrimi
Web Tarayıcılarının Evrimi
 
One Click Ownage
One Click OwnageOne Click Ownage
One Click Ownage
 
5 Dakkada Beşiktaş
5 Dakkada Beşiktaş5 Dakkada Beşiktaş
5 Dakkada Beşiktaş
 
One Click Ownage
One Click OwnageOne Click Ownage
One Click Ownage
 
One Click Ownage
One Click OwnageOne Click Ownage
One Click Ownage
 
Insecure Trends in Web 2.0
Insecure Trends in Web 2.0Insecure Trends in Web 2.0
Insecure Trends in Web 2.0
 
Flash Security
Flash SecurityFlash Security
Flash Security
 
XSS Tunnelling
XSS TunnellingXSS Tunnelling
XSS Tunnelling
 
Guvenli Flash Uygulamalari
Guvenli Flash UygulamalariGuvenli Flash Uygulamalari
Guvenli Flash Uygulamalari
 
Web 2.0 Guvenlik Trendleri
Web 2.0 Guvenlik TrendleriWeb 2.0 Guvenlik Trendleri
Web 2.0 Guvenlik Trendleri
 
How To Detect Xss
How To Detect XssHow To Detect Xss
How To Detect Xss
 

Kürzlich hochgeladen

Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyAlfredo García Lavilla
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Enterprise Knowledge
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024The Digital Insurer
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piececharlottematthew16
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Wonjun Hwang
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 

Kürzlich hochgeladen (20)

Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piece
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 

SQL Wildcard Attacks Abuse Search Queries

  • 1. DO S A TTACKS USING SQL W ILDCARDS Ferruh Mavituna www.portcullis-security.com This paper discusses abusing Microsoft SQL Query wildcards to consume CPU in database servers. This can be achieved using only the search field present in most common web applications1. If an application has the following properties then it is highly possibly vulnerable to wildcard attacks: 1- An SQL Server Backend; 2- More than 300 records in the database and around 500 bytes of data per row; 3- An application level search feature. As you might notice I have just described 90% of Microsoft SQL Server based CMSs, blogs, CRMs and e-commerce web applications. Other databases could be vulnerable depending on how the applications implement search functionalities although common implementation of the search functionality in SQL Server back-end applications is vulnerable. S EARCH Q UERIES The SQ