Question

7. (a) Do you think application-level authentication is superior to operating system authentication? Explain. (b) Discuss how a SQL injection attack works. (c) Differentiate between in-band and out-of-band SQL injection attacks.

Answer 1

7.

(a) The operating system, authentication can be exploited by a hacker using an exploit, so it makes it more vulnerable and exploitable but in application-level authentication authenticated access to a server is needed so having an exploit, doesn't make much of a difference. That's why application-level authentication is more reliable and secure and thus superior.

(b) SQL injection attacks is one of the most common web hacking technique. a successful SQL injection attack can give hackers unauthorized access to sensitive data like passwords.user information.

hacker finds a vulnerability in the SQL code of the webpage input and can exploit it by placing malicious code in the SQL statement.

example. suppose a website has a field for input of user ID, and a user put input like 100 OR 2=2

UserID = 100 OR 2 = 2

SELECT * FROM Users WHERE UserID = 100 OR 1=1;

then the SQL query will return information as the condition is true.

(C).

In-band SQL injection	out-of-band SQL injection
In-band SQL injection is a very common type of SQL injection. same communication channel for both attack and gather result. It can be done by exploit error messages in web pages with SQL injection. it can be done using union operators (SQL UNION) and inserting SQL commands.	Out-of-band SQL injection is a very rare type of SQL injection. It is rare because it depends on features on the server-side which are enabled and being used by the webpage. the communication channel is different, so can't use same channel to attack and gather results. The channel through which request is made has to be consistent.