The first vulnerability that I would describe that may exist in the systems
based in the targeted supermarket is the extraction of data, using SQL
injection, from databases that are stored on their servers. As SQL is used
everywhere, it's the most common database management application. Any time a
user enters his/her information on a website, or retrieves information through
a website, it is interacting with SQL; this could include users submitting
information via a web input box.
A survey announced that nearly 30% of grocery shoppers have ordered their food
on the web via a supermarket website; this has doubled since 2014. As this
market is growing so fast, all major supermarkets are now implementing some
sort of online shopping system. Because of how fast this market is growing, not
all supermarkets may have considered that their websites could be an opening
for SQL injection and that sensitive data could be extracted and leaked to
attackers. SQL injection vulnerabilities are among the most common software
vulnerabilities and this has been the case for years (REF). This is where an
attacker would begin if he/she or they were thinking about stealing
confidential data and using this data to gain financially by selling it.
The way that SQL injection works is that it uses SQL to query a backend
database and pull out the information that you want, which you define as a
string of commands.
The problem with SQL is that you put the data in the same string as the
commands that are used, so the system doesn't know whether it's reading a
command or the data. This means we are telling the backend system to execute
the commands that the attacker has created after our input of data.
Assuming that the targeted supermarket website has poor web development
practices, attackers can find out what type of database it is using by forcing
the website to give the attacker an SQL error. This can be done by a command
such as “test’;# ” in the username and any input in the password box or
“Password check”; assuming that the website has poor mitigations, the website
will produce an error statement with the database version within the
statement.
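
The two weaknesses described above (input pasted into the command string, and database errors echoed to the user) are shown here beside the corrected form, as an added example that is not part of the original text. It assumes an in-memory SQLite database standing in for the supermarket's backend; the table, the function names and the sample account are hypothetical.

```python
import sqlite3

def make_db():
    # Constructed sample data: one shopper account in an in-memory database.
    # The plaintext password column only keeps the sample short; a real
    # system stores a password hash.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (username TEXT, password TEXT)")
    db.execute("INSERT INTO users VALUES ('alice', 'correct-horse')")
    return db

def login_concatenated(db, username, password):
    # Weak form: the input becomes part of the command string, so a quote in
    # the input ends the string literal and the rest is parsed as SQL.
    sql = ("SELECT username FROM users WHERE username = '" + username +
           "' AND password = '" + password + "'")
    try:
        return db.execute(sql).fetchone() is not None, None
    except (sqlite3.Error, sqlite3.Warning) as exc:
        # Second weakness: the raw database error is returned to the caller,
        # which tells the requester that the input reached the SQL parser.
        return False, str(exc)

def login_parameterized(db, username, password):
    # Corrected form: the command is fixed and the values travel separately
    # as bound parameters, so they are only ever compared as data.
    sql = "SELECT username FROM users WHERE username = ? AND password = ?"
    try:
        row = db.execute(sql, (username, password)).fetchone()
        return row is not None, None
    except (sqlite3.Error, sqlite3.Warning):
        # Details belong in server-side logs; the user sees a fixed message.
        return False, "Login failed"

if __name__ == "__main__":
    db = make_db()
    probe = "test';# "  # the string quoted in the text, with a straight quote
    print("concatenated :", login_concatenated(db, probe, "x"))
    print("parameterized:", login_parameterized(db, probe, "x"))
    print("valid login  :", login_parameterized(db, "alice", "correct-horse"))
```

With the concatenated query the quoted string produces a database error that reaches the caller; with bound parameters the same string is an ordinary failed login and no error is raised.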
Assuming that the supermarket has many databases, an attacker working by hand
would have to traverse through all the database names, table names and column
names and figure out what exactly he/she would want to pull out from the
database to achieve his/her goals. But this technique has been around for so
long, and has been so polished and perfected by developers, that they have
created tools that will do all of the work for attackers. Assuming that you
know that the page is vulnerable to SQL attacks by testing via the previous
techniques mentioned, attackers can point the tool at the website and it will
pull out every single piece of data from that targeted database, which could
include credit card numbers of users that have been used to purchase stock
online. The tool will look for vulnerable behaviors and it knows to use certain
strings to inject.