Investigation of Bangladesh region based web applications: A case study of 64 based, local, and global SQLi vulnerability

Farah, Tanjila; Alam, Delwar; Ali, Md Nadir Bin; Kabir, Alamgir

doi:10.1109/wiecon-ece.2015.7443891

Cited by 4 publications

(8 citation statements)

References 9 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…A template is a form that is reused for a defined pattern composed by a group of components [2]. For web applications, templates are dynamically generated web pages based on a structure that helps users easily obtain information [4], [6].…”

Section: Templatementioning

confidence: 99%

“…They manipulate legitimate users' data and inject SQL queries to retrieve data from databases, DOS attacks, and browserbased attacks. Owing to JS, all possible attacks in JS are feasible in Ajax-based web applications [2] [4][9]. Nowadays, Secure Sockets Layer (SSL) or HTTPS channels are used in most web applications for securing the transmission of data over the internet [10].…”

Section: Ajax Working Processmentioning

confidence: 99%

“…Different types of trusted firewalls are available in the market to defend against SQLi vulnerability, but the authors refer to several SQLi techniques that can be used to evade firewalls and destructive web application databases. After exploiting SQLi vulnerability, they analyze the results, and warn web developers and web administrators to take this vulnerability as a serious issue [2]. Fig.…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

A Study of Ajax Template Injection in Web Applications

Noyon¹,

Abid²,

Hassan³

et al. 2018

IJET

View full text Add to dashboard Cite

Cyber-attacks are becoming increasingly frequent, causing a lot of damage. Cyber-attacks have crippled our economic infrastructure both directly and indirectly. Attackers steal our valuable data by compromising web application security loopholes. Developers can prevent cyber-attacks using latest web technologies. Since web technologies are becoming more secure, cyber attackers are getting more incursive to find out the zero day vulnerability of the targeted system to breach the security. Nowadays most damaging attacks are done using zero-day vulnerability. An Ajax template injection is such an attack: An unauthenticated attacker dumps database table credentials by intercepting server response. Owing to the damage caused by an Ajax template injection, it can be counted among the OWASP top ten web application vulnerabilities in the near future. This paper discusses the idea of an Ajax template injection and its impact on Ajaxbased web applications. This paper also provides statistical data about the percentage of Ajax-based web application vulnerabilities in Bangladesh.

show abstract

Section: Templatementioning

confidence: 99%

Section: Ajax Working Processmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

A Study of Ajax Template Injection in Web Applications

Noyon¹,

Abid²,

Hassan³

et al. 2018

IJET

View full text Add to dashboard Cite

show abstract

“…Base64 encoding schemes are commonly used when there is a need to encode binary data that needs to be stored and transferred over media that are designed to deal with textual data [10]. This is to ensure that the data remains intact without modification during transport.…”

Section: Based Injectionmentioning

confidence: 99%

“…This injection is used for WAFs that block structured SQL commands such as union select, group concat etc. from executing [10]. So these commands are sent to the database wrapped in a locally defined variable.…”

Section: E Local Variable Injection/ Global Variable Injectionmentioning

confidence: 99%