Ways of defending databases against SQLi
Minimize privileges of database accounts
The application assumes the privileges of a user that was set up for it to use. We want to limit those permissions.
To check which account the application connects as, and whether that account has DBA privileges, we could use SQLMap options such as --current-user and --is-dba:

sqlmap -u "http://localhost/vulnerabilities/sqli_blind/" \
  --cookie="id=10; PHPSESSID=39qedittgtbc7rfsm69gjvidl0; security=medium" \
  --data="id=1&Submit=Submit" \
  -p id \
  --current-user

sqlmap -u "http://localhost/vulnerabilities/sqli_blind/" \
  --cookie="id=10; PHPSESSID=39qedittgtbc7rfsm69gjvidl0; security=medium" \
  --data="id=1&Submit=Submit" \
  -p id \
  --is-dba
With an admin account, we could potentially:
Update your DBMS on a regular basis
Implement proper monitoring & logging
Errors should be logged -- from SQL errors to database administration errors:
Data Manipulation Language (DML) and Data Definition Language (DDL) operations should be logged and audited:
Set thresholds that alert administrators when too many errors (or certain types of errors) occur within a specified period of time.
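As an added example (not part of the original lesson), the threshold rule above applied to constructed database error log lines: errors are grouped by source and category, and an alert is raised when one category exceeds the threshold inside a sliding time window. The log format and the sample lines are assumptions made for this example.

```python
import re
from collections import deque, defaultdict
from datetime import datetime, timedelta

# Constructed sample log (not from a real system); the "timestamp level source:
# message" layout is an assumption for this example.
SAMPLE_LOG = """\
2024-05-01T10:00:01 ERROR app-db: You have an error in your SQL syntax near ''
2024-05-01T10:00:02 ERROR app-db: You have an error in your SQL syntax near 'OR 1=1'
2024-05-01T10:00:03 ERROR app-db: Unknown column 'sleep' in 'where clause'
2024-05-01T10:00:04 ERROR app-db: You have an error in your SQL syntax near 'UNION'
2024-05-01T10:00:05 ERROR app-db: You have an error in your SQL syntax near '--'
2024-05-01T10:00:06 INFO  app-db: Query OK, 1 row affected
2024-05-01T10:30:00 ERROR app-db: You have an error in your SQL syntax near 'x'
2024-05-01T10:30:01 ERROR admin-db: Access denied for user 'root'@'10.0.0.5'
"""

LINE_RE = re.compile(r"^(\S+)\s+(\w+)\s+([\w-]+):\s+(.*)$")

# Error categories worth alerting on separately: pattern -> category name.
CATEGORIES = {
    "syntax": re.compile(r"error in your SQL syntax", re.I),
    "access_denied": re.compile(r"Access denied", re.I),
}

def categorize(message):
    for name, pattern in CATEGORIES.items():
        if pattern.search(message):
            return name
    return "other"

def find_alerts(log_text, threshold=3, window=timedelta(minutes=5)):
    """Return (source, category, count) for each source/category pair that
    exceeds `threshold` errors within any sliding period of length `window`."""
    recent = defaultdict(deque)   # (source, category) -> timestamps still in window
    alerted, alerts = set(), []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m or m.group(2) != "ERROR":
            continue
        ts = datetime.fromisoformat(m.group(1))
        key = (m.group(3), categorize(m.group(4)))
        q = recent[key]
        q.append(ts)
        while q and ts - q[0] > window:   # drop events older than the window
            q.popleft()
        if len(q) > threshold and key not in alerted:
            alerted.add(key)             # alert once per source/category burst
            alerts.append((key[0], key[1], len(q)))
    return alerts
```

Running find_alerts(SAMPLE_LOG) reports the burst of four syntax errors from app-db within one window, while the isolated later errors stay below the threshold.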
NoSQL databases are also vulnerable to injection
More information here:
https://cheatsheetseries.owasp.org/cheatsheets/Database_Security_Cheat_Sheet.html#database-configuration-and-hardening
By Christophe Limpalair
Co-Founder of Cybr, and Course Author