?url_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Adc&rft.title=Ataques+SQL+Injection%3A+Caso+de+estudio+con+MySQL+y+PHP&rft.creator=Casta%C3%B1o+G%C3%B3mez%2C+Juan&rft.contributor=L%C3%B3pez+Fern%C3%A1ndez%2C+Daniel&rft.subject=Computer+Science&rft.description=En+el+mundo+actual%2C+la+sociedad+depende+del+acceso+a+sus+datos+a+trav%C3%A9s+de+Internet%2C+por+lo+que+la+necesidad+de+contar+con+medidas+de+seguridad+adecuadas+es+cada+vez+m%C3%A1s+cr%C3%ADtica.+En+concreto%2C+las+aplicaciones+web+se+han+convertido+en+un+medio+instant%C3%A1neo+de+difusi%C3%B3n+de+informaci%C3%B3n%2C+y+estas%2C+a+veces+tienen+la+necesidad+de+utilizar+una+base+de+datos+a+petici%C3%B3n+del+usuario.+La+popularidad+de+las+bases+de+datos+basadas+en+SQL+no+ha+pasado+desapercibida+por+los+hackers%2C+que+buscan+t%C3%A9cnicas+para+poder+atacar+las+mismas.+Un+ataque+de+SQL+Injection+consiste+en+la+inserci%C3%B3n+o+inyecci%C3%B3n+de+una+consulta+SQL+a+trav%C3%A9s+de+los+datos+de+entrada+del+cliente+a+la+aplicaci%C3%B3n.+La+gravedad+de+los+ataques+de+inyecci%C3%B3n+SQL+est%C3%A1+limitada+por+la+habilidad+y+la+imaginaci%C3%B3n+del+atacante+y%2C+en+menor+medida%2C+por+las+contramedidas+de+defensa+en+profundidad.+En+este+proyecto%2C+se+desarrollar%C3%A1+una+Aplicaci%C3%B3n+Web%2C+esta+aplicaci%C3%B3n+vendr%C3%A1+sustentada+por+seis+p%C3%A1ginas+web+independientes%2C+cada+una+con+mecanismos+de+seguridad+diferentes+para+as%C3%AD+prevenir+y+evitar+ataques+de+SQL+Injection+en+proyectos+desarrollados+en+PHP+Y+MySQL.%0D%0AAbstract%3A%0D%0AIn+today%E2%80%99s+world%2C+society+depends+on+access+to+its+data+via+the+Internet%2C+so+the+need+for+adequate+security+measures+is+becoming+increasingly+critical.+Web+applications+have+become+an+instant+means+of+disseminating+information%2C+and+these+sometimes+need+to+use+a+database+at+the+user%E2%80%99s+request.+The+popularity+of+SQL-based+databases+has+not+gone+unnoticed+by+hackers%2C+who+are+looking+for+techniques+to+attack+these+databases.+A+SQL+Injection+attack+consists+of+the+insertion+or+injection+of+a+SQL+query+through+the+client%E2%80%99s+input+data+to+the+application.+The+severity+of+SQL+Injection+attacks+is+limited+by+the+skill+and+imagination+of+the+attacker+and%2C+to+a+lesser+extent%2C+by+defense+countermeasures.+In+this+project%2C+aWeb+Application+will+be+developed%2C+this+application+will+be+supported+by+six+independent+web+pages%2C+each+one+with+different+security+mechanisms+to+prevent+and+avoid+SQL+Injection+attacks+in+projects+developed+in+PHP+and+MySQL.&rft.publisher=E.T.S.I+de+Sistemas+Inform%C3%83%C2%A1ticos+(UPM)&rft.rights=https%3A%2F%2Fcreativecommons.org%2Flicenses%2Fby-nc-nd%2F3.0%2Fes%2F&rft.date=2022-07&rft.type=info%3Aeu-repo%2Fsemantics%2FbachelorThesis&rft.type=Final+Project&rft.type=PeerReviewed&rft.format=application%2Fpdf&rft.language=spa&rft.rights=info%3Aeu-repo%2Fsemantics%2FrestrictedAccess&rft.identifier=https%3A%2F%2Foa.upm.es%2F71362%2F