{ "metadata": { "name": "", "signature": "sha256:6e8ae049c6dee6fbc58f6101ac8d94b0cd399cad4759a42d64465c041a02170c" }, "nbformat": 3, "nbformat_minor": 0, "worksheets": [ { "cells": [ { "cell_type": "markdown", "metadata": {}, "source": [ "## SQL Injection Exercise\n", "\n", "
\n", "\"SQL injection is a code injection technique, used to attack data-driven applications, in which malicious SQL statements are inserted into an entry field for execution.\" -Wikipedia\n", "\n", "\"A SQL injection attack consists of insertion or \"injection\" of a SQL query via the input data from the client to the application. A successful SQL injection exploit can read sensitive data from the database, modify database data (Insert/Update/Delete), execute administration operations on the database (such as shutdown the DBMS), recover the content of a given file present on the DBMS file system and in some cases issue commands to the operating system. SQL injection attacks are a type of injection attack, in which SQL commands are injected into data-plane input in order to effect the execution of predefined SQL commands.\" -OWASP\n", "\n", " | raw_sql | \n", "type | \n", "
---|---|---|
0 | \n", "'; exec master..xp_cmdshell 'ping 10.10.1.2'-- | \n", "malicious | \n", "
1 | \n", "create user name identified by 'pass123' | \n", "malicious | \n", "
2 | \n", "create user name identified by pass123 tempora... | \n", "malicious | \n", "
3 | \n", "exec sp_addlogin 'name' , 'password' | \n", "malicious | \n", "
4 | \n", "exec sp_addsrvrolemember 'name' , 'sysadmin' | \n", "malicious | \n", "
5 rows \u00d7 2 columns
\n", "\n", " | raw_sql | \n", "type | \n", "parsed_sql | \n", "
---|---|---|---|
0 | \n", "'; exec master..xp_cmdshell 'ping 10.10.1.2'-- | \n", "malicious | \n", "[Single, Identifier, Float, Float, Float, Erro... | \n", "
1 | \n", "create user name identified by 'pass123' | \n", "malicious | \n", "[DDL, Keyword, Identifier, Keyword, Single] | \n", "
2 | \n", "create user name identified by pass123 tempora... | \n", "malicious | \n", "[DDL, Keyword, Identifier, Keyword, Identifier... | \n", "
3 | \n", "exec sp_addlogin 'name' , 'password' | \n", "malicious | \n", "[Keyword, Identifier, IdentifierList] | \n", "
4 | \n", "exec sp_addsrvrolemember 'name' , 'sysadmin' | \n", "malicious | \n", "[Keyword, Identifier, IdentifierList] | \n", "
5 rows \u00d7 3 columns
\n", "\n", " | legit | \n", "malicious | \n", "legit_cd | \n", "malicious_cd | \n", "total_cd | \n", "legit_exp | \n", "legit_g | \n", "malicious_exp | \n", "malicious_g | \n", "
---|---|---|---|---|---|---|---|---|---|
('Single',) | \n", "7 | \n", "10984 | \n", "0.000637 | \n", "0.999363 | \n", "10991 | \n", "1121.927951 | \n", "-71.076512 | \n", "9869.072049 | \n", "2351.319327 | \n", "
('Single', 'Identifier') | \n", "0 | \n", "8309 | \n", "0.000000 | \n", "1.000000 | \n", "8309 | \n", "848.157524 | \n", "0.000000 | \n", "7460.842476 | \n", "1789.275422 | \n", "
('Punctuation',) | \n", "152 | \n", "7707 | \n", "0.019341 | \n", "0.980659 | \n", "7859 | \n", "802.222889 | \n", "-505.705813 | \n", "7056.777111 | \n", "1358.598582 | \n", "
('Identifier',) | \n", "1284 | \n", "17011 | \n", "0.070183 | \n", "0.929817 | \n", "18295 | \n", "1867.498123 | \n", "-962.022691 | \n", "16427.501877 | \n", "1187.480739 | \n", "
('Identifier', 'Single') | \n", "2 | \n", "4222 | \n", "0.000473 | \n", "0.999527 | \n", "4224 | \n", "431.173111 | \n", "-21.493450 | \n", "3792.826889 | \n", "905.174233 | \n", "
('Single', 'Identifier', 'Single') | \n", "0 | \n", "4170 | \n", "0.000000 | \n", "1.000000 | \n", "4170 | \n", "425.660955 | \n", "0.000000 | \n", "3744.339045 | \n", "897.975510 | \n", "
('Identifier', 'Single', 'Identifier') | \n", "0 | \n", "4162 | \n", "0.000000 | \n", "1.000000 | \n", "4162 | \n", "424.844339 | \n", "0.000000 | \n", "3737.155661 | \n", "896.252775 | \n", "
('Identifier', 'Identifier') | \n", "4 | \n", "3957 | \n", "0.001010 | \n", "0.998990 | \n", "3961 | \n", "404.326869 | \n", "-36.927434 | \n", "3556.673131 | \n", "844.111737 | \n", "
('Keyword', 'Keyword', 'DML') | \n", "18 | \n", "3248 | \n", "0.005511 | \n", "0.994489 | \n", "3266 | \n", "333.383376 | \n", "-105.081169 | \n", "2932.616624 | \n", "663.529712 | \n", "
('Keyword', 'DML', 'IdentifierList') | \n", "28 | \n", "3157 | \n", "0.008791 | \n", "0.991209 | \n", "3185 | \n", "325.115142 | \n", "-137.310594 | \n", "2859.884858 | \n", "624.081095 | \n", "
10 rows \u00d7 9 columns
\n", "\n", " | raw_sql | \n", "type | \n", "parsed_sql | \n", "sequences | \n", "
---|---|---|---|---|
0 | \n", "'; exec master..xp_cmdshell 'ping 10.10.1.2'-- | \n", "malicious | \n", "[Single, Identifier, Float, Float, Float, Erro... | \n", "[('Single',), ('Identifier',), ('Float',), ('F... | \n", "
44 | \n", "anything' or 'x'='x | \n", "malicious | \n", "[Identifier, Single, Identifier, Single, Ident... | \n", "[('Identifier',), ('Single',), ('Identifier',)... | \n", "
49 | \n", "'; exec master..xp_cmdshell 'ping aaa.bbb.ccc.... | \n", "malicious | \n", "[Single, Identifier, Error, Single] | \n", "[('Single',), ('Identifier',), ('Error',), ('S... | \n", "
54 | \n", "'; if not(select system_user) <> 'sa' waitfor ... | \n", "malicious | \n", "[Single, Identifier, Single, Integer, Placehol... | \n", "[('Single',), ('Identifier',), ('Single',), ('... | \n", "
55 | \n", "'; if is_srvrolemember('sysadmin') > 0 waitfor... | \n", "malicious | \n", "[Single, Identifier, Single, Integer, Placehol... | \n", "[('Single',), ('Identifier',), ('Single',), ('... | \n", "
5 rows \u00d7 4 columns
\n", "\n", " | raw_sql | \n", "type | \n", "parsed_sql | \n", "sequences | \n", "
---|---|---|---|---|
2 | \n", "create user name identified by pass123 tempora... | \n", "malicious | \n", "[DDL, Keyword, Identifier, Keyword, Identifier... | \n", "[('DDL',), ('Keyword',), ('Identifier',), ('Ke... | \n", "
6 | \n", "grant connect to name; grant resource to name; | \n", "malicious | \n", "[Keyword, Keyword, Keyword, Identifier, Punctu... | \n", "[('Keyword',), ('Keyword',), ('Keyword',), ('I... | \n", "
7 | \n", "insert into users(login, password, level) valu... | \n", "malicious | \n", "[DML, Keyword, Function, Keyword, Punctuation,... | \n", "[('DML',), ('Keyword',), ('Function',), ('Keyw... | \n", "
12 | \n", "\\'; desc users; -- | \n", "malicious | \n", "[Error, Error, Punctuation, Order, Identifier,... | \n", "[('Error',), ('Error',), ('Punctuation',), ('O... | \n", "
21 | \n", "1' and 1=(select count(*) from tablenames); -- | \n", "malicious | \n", "[Integer, Error, Keyword, Comparison, Punctuat... | \n", "[('Integer',), ('Error',), ('Keyword',), ('Com... | \n", "
5 rows \u00d7 4 columns
\n", "\n", " | raw_sql | \n", "type | \n", "parsed_sql | \n", "sequences | \n", "length | \n", "entropy | \n", "
---|---|---|---|---|---|---|
0 | \n", "'; exec master..xp_cmdshell 'ping 10.10.1.2'-- | \n", "malicious | \n", "[Single, Identifier, Float, Float, Float, Erro... | \n", "[('Single',), ('Identifier',), ('Float',), ('F... | \n", "7 | \n", "4.368792 | \n", "
1 | \n", "create user name identified by 'pass123' | \n", "malicious | \n", "[DDL, Keyword, Identifier, Keyword, Single] | \n", "[('DDL',), ('Keyword',), ('Identifier',), ('Ke... | \n", "5 | \n", "4.037326 | \n", "
2 | \n", "create user name identified by pass123 tempora... | \n", "malicious | \n", "[DDL, Keyword, Identifier, Keyword, Identifier... | \n", "[('DDL',), ('Keyword',), ('Identifier',), ('Ke... | \n", "11 | \n", "4.028603 | \n", "
3 | \n", "exec sp_addlogin 'name' , 'password' | \n", "malicious | \n", "[Keyword, Identifier, IdentifierList] | \n", "[('Keyword',), ('Identifier',), ('IdentifierLi... | \n", "3 | \n", "4.030493 | \n", "
4 | \n", "exec sp_addsrvrolemember 'name' , 'sysadmin' | \n", "malicious | \n", "[Keyword, Identifier, IdentifierList] | \n", "[('Keyword',), ('Identifier',), ('IdentifierLi... | \n", "3 | \n", "4.010013 | \n", "
5 rows \u00d7 6 columns
\n", "\n", " | raw_sql | \n", "type | \n", "parsed_sql | \n", "sequences | \n", "length | \n", "entropy | \n", "malicious_g | \n", "legit_g | \n", "
---|---|---|---|---|---|---|---|---|
0 | \n", "'; exec master..xp_cmdshell 'ping 10.10.1.2'-- | \n", "malicious | \n", "[Single, Identifier, Float, Float, Float, Erro... | \n", "[('Single',), ('Identifier',), ('Float',), ('F... | \n", "7 | \n", "4.368792 | \n", "449.733570 | \n", "-63.831145 | \n", "
1 | \n", "create user name identified by 'pass123' | \n", "malicious | \n", "[DDL, Keyword, Identifier, Keyword, Single] | \n", "[('DDL',), ('Keyword',), ('Identifier',), ('Ke... | \n", "5 | \n", "4.037326 | \n", "-242.191260 | \n", "1210.713063 | \n", "
2 | \n", "create user name identified by pass123 tempora... | \n", "malicious | \n", "[DDL, Keyword, Identifier, Keyword, Identifier... | \n", "[('DDL',), ('Keyword',), ('Identifier',), ('Ke... | \n", "11 | \n", "4.028603 | \n", "-392.742728 | \n", "1489.732587 | \n", "
3 | \n", "exec sp_addlogin 'name' , 'password' | \n", "malicious | \n", "[Keyword, Identifier, IdentifierList] | \n", "[('Keyword',), ('Identifier',), ('IdentifierLi... | \n", "3 | \n", "4.030493 | \n", "-331.875793 | \n", "1069.265013 | \n", "
4 | \n", "exec sp_addsrvrolemember 'name' , 'sysadmin' | \n", "malicious | \n", "[Keyword, Identifier, IdentifierList] | \n", "[('Keyword',), ('Identifier',), ('IdentifierLi... | \n", "3 | \n", "4.010013 | \n", "-331.875793 | \n", "1069.265013 | \n", "
5 rows \u00d7 8 columns
\n", "\n", " | raw_sql | \n", "type | \n", "parsed_sql | \n", "sequences | \n", "length | \n", "entropy | \n", "malicious_g | \n", "legit_g | \n", "pred | \n", "
---|---|---|---|---|---|---|---|---|---|
13606 | \n", "create table Purchase (pid int primary key, pr... | \n", "legit | \n", "[DDL, Keyword, Function, Punctuation] | \n", "[('DDL',), ('Keyword',), ('Function',), ('Punc... | \n", "4 | \n", "4.400948 | \n", "-174.930469 | \n", "513.570637 | \n", "malicious | \n", "
13605 | \n", "create table Product (pid int primary key, pna... | \n", "legit | \n", "[DDL, Keyword, Function, Punctuation] | \n", "[('DDL',), ('Keyword',), ('Function',), ('Punc... | \n", "4 | \n", "4.137866 | \n", "-174.930469 | \n", "513.570637 | \n", "malicious | \n", "
13495 | \n", "SELECT dept, number, SUBSTR(title, 1, 12) AS s... | \n", "legit | \n", "[DML, Identifier, Punctuation, Builtin, Punctu... | \n", "[('DML',), ('Identifier',), ('Punctuation',), ... | \n", "8 | \n", "4.699688 | \n", "-20.133315 | \n", "353.217738 | \n", "malicious | \n", "
3 rows \u00d7 9 columns
\n", "