-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
I've seen the best way to counter injections (in PHP) is to use the
mysql_real_escape_string (see:
http://www.php.net/mysql_real_escape_string). This way, any data
inserted will become a 'safe string' and therefore will not take control
of your query.
For an example, by using your example, a user inputs "; DROP DATABASE
`test`;" as the input variable. the first semi-colon will make it
attempt to query everything up until that spot (which will error), it
will then run the DROP DATABASE command which might work if you have a
test database (thus, destroying your database) and then finally,
continuing with the code afterwards, which will error as well.
Basically, protecting yourself from a SQL injection is a MUST if you
accept any input!
coder wrote:
Hi all,
I have been reading quite a bit into SQL injections and I just wondered if
my thinking is correct:
If one has the ASP or PHP source code for a site, they would just look for-
(written in a pseudo-ish code as I assume the same principles exist for ASP
and PHP)
$variable = get_value_from_url('variable') // ie blah.asp?variable="hello"
SQL = "SOME SQL" & $variable & "SOME MORE SQL"
or
<executing object (i.e. rs.open)> "SOME SQL" & $variable & "SOME MORE SQL"
When looking for potential SQL Injection attacks, its one of the 2 SQL lines
one would look for... is that correct? And to stop SQL Injection attacks,
one only has to "sanitise" the variable with CLng() in the case of numeric
fields and in the case of alphanumeric fields a built-in PHP/ASP/MySQL
function can be used.
Also, assuming my thinking above is correct, what does one look for when
checking for possible XSS attack?
Thanks for your input,
Davie Elliott
---------------------------------------------------------------------------
This list is sponsored by: Norwich University
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic Excellence
in Information Security. Our program offers unparalleled Infosec management
education and the case study affords you unmatched consulting experience.
Using interactive e-Learning technology, you can earn this esteemed degree,
without disrupting your career or home life.
http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (MingW32)
iD8DBQFE9yB/Cggt9XTPwUwRAifFAJ9LUEz5DY9MM3KFyKSR/hGRxh6b0gCgitO1
LjCEFRZp5B56FWJO1KMOyfw=
=jYlU
-----END PGP SIGNATURE-----
---------------------------------------------------------------------------
This list is sponsored by: Norwich University
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic Excellence
in Information Security. Our program offers unparalleled Infosec management
education and the case study affords you unmatched consulting experience.
Using interactive e-Learning technology, you can earn this esteemed degree,
without disrupting your career or home life.
http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------
