What is SQL injection and Cryptography?


SQL Injection

SQL Injection is a technique used to take advantage of non validated input vulnerabilities to pass sql commands through a web application for execution by a back-end database.

 Although SQL injection is a flaw in web applications and not a database or web server issue.

 SQL(structural query language) is a textual language used by a database server. SQL commands used to perform operations on the database that include insert,select,update and delete. Programmers use these commands to manipulate data in the database server.

 Programmers use sequential sql commands with client supplied parameters making it easier for attackers to inject commands. attackers attempt to execute random sql querries on a database server through a web application.

Cryptography


It is the practise of converting plain text message into understandable message and then sentover network to the enduser.

Cryptography in networks is used for securing the communication transmission.
The way the data is available in human understandable language converted into non-understandable language with the support of ciphers are called encryption.

The method of converting non-understandable language into human understandable language with support of cipher is called decryption.
 

Ciphers: These are algorithms with which data is encrypted.


Types of Ciphers

1. Classical Cipher.

2. Modern Cipher.

-- Classical ciphers are of 2 types

     1. Substitution cipher.
  
     2. Transposition cipher.

-- Modern Ciphers are of 2 types

   1. The key with which content is encrypted.
       i) Public Key.
       
      ii) Private key.

   2. The data with which content is encrypted.
       i) Stream Cipher.
      
       ii) Block Cipher.


Objectives of Cryptography


1. Confidentiality.

2. Integrity.

3. Authenticity.

Types of Cryptography

1. Symmetric Encryption

2. A-symmetric Encryption.

3. Hashing function.


List of popular Ciphers


1. AES

2. RSA

3. RC(4,5,7)

4. DES

5. MORSE

6. JAPOO

7. KOREX

8. HINDIA

9. YARRO

10. ATOM 128

11. MEGAN-35


List of popular Hashing functions


1. Message digest (MD2,MD4,MD5)

2. SHA (secure hashing algorithm)
   -SHA(1,2,3)

3. WHIRLPOOL

4. RIPEMD

5. CRC32

6. BASE 64

7. ROT13



Comments

Post a Comment

Popular posts from this blog

Managing Output with Manipulators in C++

Well, when I started studying C++ or you can say when I was forced to study CPP I was like already I have Maths, Physics and Chemistry to study so why this shitty extra burden on my shoulders. But that subject which I was forced to study or having no other option instead of studying CPP became my passion now. Anyways that's a hell of a story! So, this piece of reading will give you an explanation about what are manipulators and how they are implemented in CPP. Manipulators By the name you might have already thought that this is going to be something related to manipulation of something. Well, you are on a right track So, you already got an idea what it is about I would like to make it clear that what is that "something". That something is nothing but Input and Output operations. Well, in this post we will be focusing mainly on Managing Output with Manipulators. Lets, start the boring thing! The header file iomanip provides a set of functions call
Read more

What is sniffing?

Image
Wiretapping is a process of monitoring the telephone and internet conversations by a third party attackers connect a hardware or software or combination of both to the switch carrying information between two phones or hosts on the internet. Types of wire taping 1. Active wire taping : It only monitors, records the traffic (silently) and also alters the traffic. 2. Passive wire taping : It only monitors and records the traffic. Sniffing attacks are vulnerable to following protocols. 1. Telnet 2. FTP 3.SMTP 4. HTTP 5. POP3 6. NTP 7. IMAP 8. SNMP 9. RDP In network sniffing attacks are mostly done on data link layer and network layer of OSI reference model based switches Recommended sniffing tool is Wireshark.  Wireshark is available for both windows and Linux , it is the best tool for sniffing and it's absolutely free . You can download Wireshark from their official site  Wireshark download . Session Hijack
Read more

Creating a bootable USB.

A lot of people just asks me how to create a bootable USB easily. The funny part is that they mainly ask how to make it for Linux, I mean bro, if you don't know even how to make a bootable USB then you better should stick with windows OS, because it suits you better, but for the people who are reading this article for creating bootable USB, guys, first of all, I will tell you the simplest method. Don’t expect from me to explain to you how to make it using the command prompt. So, all you need is one software of 1 MB, your ISO file, a computer and yeah USB. So, just download the software Rufus from their official site(first link after typing Rufus on Google). Then make sure your ISO image file is downloaded. Now run the Rufus.exe file and then select the USB disk, from the first 'disk' option then in the bottom right of the application there will be a mall option.  Looking like a CD mounted on HDD. Click on that and select the ISO image file. A
Read more