a series of SQL injection attacks against an existing vulnerable database

Overview 

In this lab, you performed a series of SQL injection attacks against an existing vulnerable database to see what damage can be done as a result of a failure to follow the principle of least privilege. You then modified the database so that the application followed the principle of least privilege and made the (minor) changes to the Web application that are required for this change. Finally, you repeated the attacks to verify that the damage that you can cause is far more limited.

Lab Assessment Questions & Answers

1. Why did the SQL attacks used in this lab always end in ;?

2. Why did you need to install the Web Developer Firefox add-on?

3. What error message occurs when a table is missing from the database?

4. What is the exact SQL query used when searching for Alan Ashby?

5. What command to the DBMS gives the bbro account the access it needs?
