Database security testing is done to find loopholes in security mechanisms and to find vulnerabilities or weaknesses in the database system.
The main target of database security testing is to find out vulnerabilities in a system and to determine whether its data and resources are protected from potential intruders. Security testing defines a way to identify potential vulnerabilities effectively, when performed regularly.
Given below are the primary objectives of performing database security testing −
- Authentication
- Authorization
- Confidentiality
- Availability
- Integrity
- Resilience
Types of Threats on a Database System
SQL Injection
This is the most common type of attack on a database system, in which malicious SQL statements are inserted into the database system and executed to get critical information from it. This attack takes advantage of loopholes in the implementation of user applications. To prevent it, user input fields should be handled carefully.
Privilege Elevation in Database
In this attack, a user who already has some access to the database system tries to elevate that access to a higher level in order to perform unauthorized activities in the database system.
Denial of Service
In this type of attack, an attacker makes a database system or application resource unavailable to its legitimate users. Applications can also be attacked in ways that render the application, and sometimes the entire machine, unusable.
Unauthorized Access to data
Another type of attack is gaining unauthorized access to data within an application or database system. Unauthorized access includes −
- Unauthorized access to data via user based applications
- Unauthorized access to data by monitoring the access of others
- Unauthorized access to reusable client authentication information
Identity Spoofing
In Identity Spoofing, a hacker uses the credentials of a user or device to launch attacks against network hosts, steal data or bypass access controls to database system. Preventing this attack requires IT-infrastructure and network-level mitigations.
Data Manipulation
In a data manipulation attack, a hacker changes data to gain some advantage or to damage the image of database owners.
Database Security Testing Techniques
Penetration Testing
A penetration test is an attack on a computer system with the intention of finding security loopholes, potentially gaining access to it, its functionality and data.
Risk Finding
Risk Finding is a process of assessing and deciding on the risk involved with the type of loss and the possibility of vulnerability occurrence. This is determined within the organization by various interviews, discussions and analysis.
SQL Injection Test
It involves checking the user inputs in application fields. For example, entering a special character like ‘,’ or ‘;’ in any text box in a user application should not be allowed. When a database error occurs, it means that the user input is inserted in some query, which is then executed by the application. In such a case, the application is vulnerable to SQL injection.
These attacks are a big threat to data, as attackers can get access to important information from the server database. To check for SQL injection entry points in your web application, find the places in your code base where MySQL queries are built directly from user input and executed on the database.
SQL Injection Testing can be performed for Brackets, Commas, and Quotation marks.
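The check described above, as an added example that is not part of the original tutorial: each probe character is appended to a valid input and the test records which ones raise a database error, first against lookups that concatenate input into the SQL text and then against parameterized ones. The table, the function names and the use of in-memory SQLite in place of MySQL are assumptions made for the example.

```python
import sqlite3

# Probe characters named in the text: quotation marks, commas, brackets, ';'.
PROBES = ["'", '"', ",", ";", "(", ")"]

def make_db():
    """Constructed sample data; in-memory SQLite stands in for MySQL (assumption)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT)")
    db.executemany("INSERT INTO users (name) VALUES (?)", [("alice",), ("bob",)])
    return db

# "Before" forms: user input is concatenated into the SQL text.
def by_name_concat(db, value):
    return db.execute("SELECT id FROM users WHERE name = '" + value + "'").fetchall()

def by_id_concat(db, value):
    return db.execute("SELECT name FROM users WHERE id = " + value).fetchall()

# Hardened forms: the driver binds the input as data, never as SQL.
def by_name_param(db, value):
    return db.execute("SELECT id FROM users WHERE name = ?", (value,)).fetchall()

def by_id_param(db, value):
    return db.execute("SELECT name FROM users WHERE id = ?", (value,)).fetchall()

def probe(lookup, base):
    """Return the probe characters that make `lookup` raise a database error."""
    db = make_db()
    failing = []
    for ch in PROBES:
        try:
            lookup(db, base + ch)
        except sqlite3.Error:
            failing.append(ch)
    return failing

if __name__ == "__main__":
    cases = [(by_name_concat, "alice"), (by_id_concat, "1"),
             (by_name_param, "alice"), (by_id_param, "1")]
    for fn, base in cases:
        print(f"{fn.__name__:16} errors on: {probe(fn, base)}")
```

Which characters trigger an error depends on where the input lands in the query: in a quoted string only the single quote does, and in the numeric lookup `;` passes silently, so an error-free run does not show that a concatenated query is safe.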
Password Cracking
This is the most important check while performing database system testing. To access critical information, hackers can use a password-cracking tool or guess a common username/password. Lists of common passwords are easily available on the internet, and password-cracking tools are freely available as well.
Therefore, it is necessary to check at the time of testing if the password policy is maintained in the system. In case of any banking and finance applications, there is a need to set a strict password policy on all the critical information database systems.
Security Audit of Database System
A security audit is a process of evaluating a company's security policies at regular intervals to determine whether the necessary standards are followed. Various security standards can be adopted, according to business requirements, to define the security policy, and the policies in place can then be assessed against those standards.
Examples of the most common security standards are ISO 27001, BS15999, etc.
Database Security Testing Tools
Various system testing tools are available on the market that can be used to test the OS and applications. Some of the most common tools are discussed below.
Zed Attack Proxy
It is a penetration-testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. It is commonly used for Windows, Linux, Mac OS.
Paros
All HTTP and HTTPS data between server and client, including cookies and form fields, can be intercepted and modified using this tool. It is cross-platform and runs on Java JRE/JDK 1.4.2 or above.
Social Engineer Toolkit
It is an open source tool that targets the human element rather than the system element. It enables you to send emails, Java applets etc. containing the attack code. It is preferred for Linux, Apple Mac OS X and Microsoft Windows.
Skipfish
This tool is used to scan websites for vulnerabilities. Reports generated by the tool are meant to serve as a foundation for professional web application security assessments. It is preferred for Linux, FreeBSD, MacOS X, and Windows.
Vega
It is an open source, multiplatform web security tool that is used to find instances of SQL injection, cross-site scripting (XSS), and other vulnerabilities in web applications. It is preferred for Java, Linux, and Windows.
Wapiti
Wapiti is an open source, web-based tool that scans the pages of a web application and checks for scripts and forms where it can inject data. It is built with Python and can detect file handling errors, database, XSS, LDAP and CRLF injections, and command execution.
Web Scarab
It is written in Java and is used for analyzing the applications that communicate through HTTP/HTTPS protocols. This tool is primarily designed for developers who can write code themselves. This tool is not OS dependent.
Original author(s) | Merkur |
---|---|
Developer(s) | eMule-Team |
Initial release | May 13, 2002; 17 years ago |
Stable release | 0.50a (April 7, 2010; 9 years ago[1]) |
Preview release | 0.50b beta 1 (March 20, 2015; 4 years ago[2]) |
Written in | C++[3] |
Operating system | Windows |
Available in | 43 languages[4] |
Type | Peer-to-peer file sharing |
License | GNU GPLv2 |
Website | emule-project.net |
eMule is a free peer-to-peer file sharing application for Microsoft Windows. Started in May 2002 as an alternative to eDonkey2000, eMule now connects to both the eDonkey network and the Kad network. Often used by clients looking for extremely rare content, the distinguishing features of eMule are the direct exchange of sources between client nodes, fast recovery of corrupted downloads, and the use of a credit system to reward frequent uploaders. Furthermore, eMule transmits data in zlib-compressed form to save bandwidth.
eMule is coded in C++ using the Microsoft Foundation Classes. Since July 2002 eMule has been free software, released under the GNU General Public License; its popularity has led to eMule's codebase being used as the basis of cross-platform clients aMule, JMule, xMule, along with the release of many eMule mods (modifications of the original eMule) on the Internet.
As of August 2017, it is the fourth most downloaded project on SourceForge, with over 685 million downloads.[5]
History
The eMule project was started on May 13, 2002 by Hendrik Breitkreuz (also known as Merkur) who was dissatisfied with the original eDonkey2000 client. Over time more developers joined the effort. The source was first released at version 0.02 and published on SourceForge on July 6, 2002.
eMule was first released as a binary on August 4, 2002 at version 0.05a. The 'Credit System' was implemented for the first time on September 14, 2002 in version 0.19a. The eMule project website started up on December 8, 2002.
Current versions (v0.40+) of eMule have added support for the Kad network. This network has an implementation of the Kademlia protocol, which does not rely on central servers as the eDonkey network does, but is an implementation of a distributed hash table.
Also added in recent versions were the ability to search using unicode, allowing for searches for files in non-Latin alphabets, and the ability to search servers for files with complete sources of unfinished files on the eDonkey network.
In new versions, a 'Bad source list' was added. The application adds an IP address to this list after one unsuccessful connection. After adding an IP to the 'Bad source list', the application treats this IP as a 'dead' IP. Unavailable IPs are banned for a time period from 15 to 45 minutes. Some users have complained that it leads to a loss of active sources and subsequently slows download speed.
Other recent additions include: the ability to run eMule from a user account with limited privileges (thus enhancing security), and Intelligent Corruption Handling (so that a corrupted chunk does not need to be re-downloaded entirely).
The 0.46b version added the creation and management of 'eMule collection' files, which contain a set of links to files intended to be downloaded as a set.
From 2007, many ISPs have used bandwidth throttling for usual P2P ports, resulting in slow performances.[6] The 0.47b version adds protocol obfuscation and eMule will automatically select two port numbers at random in the startup wizard.
Basic concepts
Each file that is shared using eMule is hashed as a hash list comprising separate 9500 KiB chunks using the MD4 algorithm. The top-level MD4 hash, file size, filename, and several secondary search attributes such as bit rate and codec are stored on eD2k servers and the serverless Kad network.
Users can search for filenames in the servers/kad and are presented with the filenames and the unique identifier consisting of the top-level MD4 hash for the file and the file's size that can be added to their downloads. The client then asks the servers where the other clients are using that hash. The servers return a set of IP/ports that indicate the locations of the clients that share the file.
eMule then asks the peers for the file. eMule will then be queued until an upload slot becomes available.
When a complete chunk of 9,728,000 bytes (9500 KiB) is downloaded and verified, this data is also shared by the downloader, helping others to download the file as well.
It is also possible that a client knows other clients that are also sharing that same file. In that case a source exchange between the clients is made. This exchange of known peers is done directly between the peers.
Newer versions of eMule support AICH (Advanced Intelligent Corruption Handling). It is meant to make eMule's corruption handling competitive with BitTorrent. SHA-1 hashes are computed for each 180 KiB sub-chunk and a whole SHA-1 hash tree is formed. AICH is processed purely with peer-to-peer source exchanges. eMule requires 10 agreeing peers regarding the SHA-1 hash, so rare files generally do not benefit from AICH.
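The sub-chunk verification described above, as an added example that is not eMule's code: it hashes one 9,728,000-byte chunk in 180 KiB blocks with SHA-1, accepts a hash only when enough peers report it, and lists the blocks that must be fetched again. It uses a flat list of block hashes with one digest over them instead of eMule's hash tree, and treats "10 agreeing peers" as ten identical reports; both are simplifying assumptions, as are all function names.

```python
import hashlib
from collections import Counter

PART_SIZE = 9_728_000     # one chunk (9500 KiB), as stated on the page
BLOCK_SIZE = 180 * 1024   # sub-chunk size, as stated on the page
REQUIRED_PEERS = 10       # agreeing peers the page says eMule requires

def block_hashes(part):
    """SHA-1 of each 180 KiB sub-chunk (flat list, not eMule's tree layout)."""
    return [hashlib.sha1(part[i:i + BLOCK_SIZE]).digest()
            for i in range(0, len(part), BLOCK_SIZE)]

def top_hash(hashes):
    """One digest over the block hashes; a stand-in for the hash-tree root."""
    return hashlib.sha1(b"".join(hashes)).digest()

def trusted_hash(peer_reports, required=REQUIRED_PEERS):
    """Return the hash that at least `required` peers reported, else None."""
    if not peer_reports:
        return None
    value, votes = Counter(peer_reports).most_common(1)[0]
    return value if votes >= required else None

def corrupt_blocks(part, good_hashes):
    """Indexes of sub-chunks whose SHA-1 differs from the trusted list."""
    return [i for i, (got, want) in enumerate(zip(block_hashes(part), good_hashes))
            if got != want]

if __name__ == "__main__":
    # Constructed sample chunk and a copy with a single damaged byte.
    original = bytes(range(256)) * (PART_SIZE // 256)
    good = block_hashes(original)
    damaged = bytearray(original)
    damaged[5 * BLOCK_SIZE + 10] ^= 0xFF

    reports = [top_hash(good)] * 10 + [b"\x00" * 20] * 2   # constructed peer answers
    print("blocks per chunk:", len(good))
    print("hash trusted:", trusted_hash(reports) == top_hash(good))
    bad = corrupt_blocks(bytes(damaged), good)
    print("blocks to re-download:", bad, "=", len(bad) * BLOCK_SIZE, "bytes of", PART_SIZE)
```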
Low ID
Users who cannot be reached from the outside because they are firewalled, behind a NAT device that has not been correctly port forwarded, or whose IP address ends with a zero (e.g. 123.45.67.0)[7] get a 'Low ID' from the servers. They are still able to upload and download but need the help of servers or other kad clients to be reached by other clients. Since they cannot be notified that they are in front of an upload queue, they have to poll peers if an upload slot is available. Since they cannot connect to any other Low ID clients, they see only 40%-60% [8] of the clients that a High ID can see. Their IP/ports are not exchanged between other peers, limiting their possibilities for finding sources via eMule's pure-P2P source exchange.
A Low ID client also consumes a lot more data [9] on an eserver than a High ID client due to the lowidcallbacks. Also, a releaser or heavy uploader that uses a releaser mod such as MorphXT or Xtreme that is forced to operate on a Low ID (hotel room, job) also will find that he will have little control over his upload priorities (especially powershares) as the servers appear to limit their connection-forwarding for each client, thus turning his upload queue to a contention situation where the first to be able to get forwarding and find an open slot gets it.
Credit system
Credits are not global; they are exchanged between two specific clients. The credit system is used to reward users contributing to the network, i.e. uploading to other clients. The strict queue system in eMule is based on the waiting time a user has spent in the queue. The credit system provides a major modifier to this waiting time by taking the upload and download between the two clients into consideration. The more a user uploads to a client the faster he advances in this client's queue. The modifiers are calculated from the amount of transferred data between the two clients. The values used can be seen in the client's details dialog. To view this information, right-click on any user and choose View Details.
All Clients uploading to you are rewarded by the credit system. It does not matter if the client supports the credit system or not. Non-supporting clients will grant you no credits when you upload to them. Credits are stored in the clients.met file. The unique user hash is used to identify the client. Your own credits are saved by the client who owes you the credit. This prevents faking the credits. Your own credits cannot be displayed.
The computation formula for the Official Credit System is composed of two ratios as follows:[10]
Both ratios are then compared and the lower one is used as the modifier. A few conditions exist:
- If the Uploaded Total is less than 1 MB, then the modifier will remain at 1.
- If the client uploads data but doesn't download any, the modifier will be fixed at 10.
- The modifier can only be between 1 and 10.
An exception to this rule applies only when a peer is assigned a 'Friend Slot' after being added to the client's Friends list. This automatically assigns a reserved upload slot for that peer so that he/she can begin downloading regardless of the Credit rating. Only one Friend Slot can be reserved so as to prevent any form of abuse such as upload discrimination.[11]
eMule compared to other P2P applications
eMule is said to be the most complete implementation of the eD2k protocol and its extensions. eMule supports AICH, making its corruption handling competitive with BitTorrent. eMule also supports source exchanges, allowing it to substantially reduce the loads on the servers and Kad. With a High ID and well-sourced downloads pre-acquired by server and/or Kad, eMule is able to sustain the peer sources on these files independent longer after disconnection from eD2k and Kad.
eMule mods
As a popular open source program, eMule has many variants, usually called mods. Some mods started as forks from official eMule versions and then continued to develop independently rather than modifying newer official versions. An example of this type of mod is the obsolete eMule Plus. Since eMule Plus forked off before the release of v0.30, the first official version to include Kad, eMule Plus does not support this feature mainly because the project development has been abandoned for about 4 years. Other current mods follow official eMule releases and make their own releases based on each new release of the official version. Since distributed mods are required to publicly share their source code by the GNU General Public License, useful features created by mod developers can be quickly incorporated into an official version.
Fake eMule sites and malware
Due to the popularity and open-source nature of eMule, some third parties have created modified versions of it, which frequently contain spyware and other malware programs. Some fake sites ask for credit card information or require the user to sign up for a paid membership. The official eMule is free and does not ask for such information.
These versions are usually found via rotating advertisements sometimes placed on legitimate sites.[12][13]
Chinese mods of eMule client
VeryCD's easyMule is a popular eMule client among Chinese users. It has a simplified interface and lacks some advanced settings available in the standard eMule client. As of version 1.1 it only supports searching through the VeryCD database, though external eD2k links are accepted. Some criticized VeryCD for their misleading name 'Dianlv' (Chinese: 电驴; pinyin: Diàn Lǘ; literally: 'Electronic Donkey'; generally the Chinese name for eDonkey or eMule) and the site emule.org.cn, which is named 'Dianlv (eMule) Chinese Site' (电驴(eMule)中文网站).[14][15]
References
1. "The eMule Project at SourceForge.net". eMule.SourceForge.net. 2010-04-07. Retrieved 2010-07-11.
2. "Emule 0.50B Beta1 Released". 2015-03-20. Retrieved 2015-03-22.
3. Lextrait, Vincent (January 2010). "The Programming Languages Beacon, v10.0". Archived from the original on 30 May 2012. Retrieved 14 March 2010.
4. eMule 0.50a Source: /srchybrid/lang/
5. "Top Project Listings". sourceforge.net.
6. "Archived copy". Archived from the original on 2009-09-16. Retrieved 2009-08-08.
7. forum.emule-project.net How a Low ID is calculated.
8. "Low Id clients increasing - Official eMule-Board". emule-project.net.
9. forum.emule-project.net lugdunummaster's technical post on direct and collateral upstream bandwidth consumption of a Low ID and a High ID client on RazorBack, in this example 20 times more overhead
10. "eMule-Project.net - Official eMule Homepage. Downloads, Help, Docu, News...". emule-project.net.
11. "eMule-Project.net - Official eMule Homepage. Downloads, Help, Docu, News...". www.emule-project.net.
12. "The Spyware Infested Filesharing Programs List". 10 November 2006. Retrieved 2009-03-11.
13. "Fraudulent sites to eMule". 11 December 2008. Retrieved 2009-03-16.
14. 陈佼 "每周一蛋疼":诚恳建议"电驴"改名 (in Chinese). cnBeta. Archived from the original on 2010-07-20. Retrieved 2010-07-20.
15. "VeryCD对eMule/电驴/电骡/VeryCD/EasyMule等词的混淆性宣传分析与证据" (in Chinese). Archived from the original on 2010-07-05. Retrieved 2009-09-17.
External links
- Official website
- eMule on SourceForge.net
- eMule Protocol Specification by Danny Bickson and Yoram Kulbak from Hebrew University of Jerusalem
- Glasnost test eMule traffic shaping (Max Planck Institute for Software Systems)
- eMule at Curlie
Retrieved from 'https://en.wikipedia.org/w/index.php?title=EMule&oldid=917808416'