Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Web-App-Sec
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Forced invalid SQL errors

from [Steven M. Christey] Network Security [Permanent Link]
Subject: Forced invalid SQL errors
Date: Sat, 10 Dec 2005 14:51:28 -0500 (EST) 

All,

I am noticing a significant number of diagnosis errors by beginner
researchers who try to exploit SQL injection holes using simple
manipulations such as:

  victim.php?action=create&param='[SQL]

The researcher causes the script to generate an error but doesn't dig
any deeper, labeling it "SQL injection".

In some number of cases - I can't guess at a percentage - it's clear
that they're just causing invalid SQL to be generated, and there's no
real ability to modify an SQL statement.

This often seems to happen when the wrong type of data is provided,
e.g. when the ' gets inserted as a value in a field that is expected
to be numeric.

I think of this as SQL "modification" and insufficient data cleansing
at worst, not SQL injection.

A term "forced invalid SQL" comes to mind, but I was wondering what
terminology others use, if any, and if there are other examples
besides using a non-numeric value in a numeric field.

- Steve
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • Forced invalid SQL errors, Steven M. Christey <=
Previous by Date:  Re: Security training of developers and company liability, Daniel
Next by Date:  Security of magic_quotes_gpc under PHP against SQL injection, Todd Hendricks
Previous by Thread:  New SF Article Announcement: Trusting software, Andrew van der Stock
Next by Thread:  Security of magic_quotes_gpc under PHP against SQL injection, Todd Hendricks
Indexes:  [Date] [Thread] [Top] [All Lists]