Security Basics mailing list archives
ASP/PHP SQL Injection
From: "coder" <elite.coder () ntlworld com>
Date: Tue, 29 Aug 2006 23:20:05 +0100
Hi all, I have been reading quite a bit into SQL injections and I just wondered if my thinking is correct: If one has the ASP or PHP source code for a site, they would just look for- (written in a pseudo-ish code as I assume the same principles exist for ASP and PHP) $variable = get_value_from_url('variable') // ie blah.asp?variable="hello" SQL = "SOME SQL" & $variable & "SOME MORE SQL" or <executing object (i.e. rs.open)> "SOME SQL" & $variable & "SOME MORE SQL" When looking for potential SQL Injection attacks, its one of the 2 SQL lines one would look for... is that correct? And to stop SQL Injection attacks, one only has to "sanitise" the variable with CLng() in the case of numeric fields and in the case of alphanumeric fields a built-in PHP/ASP/MySQL function can be used. Also, assuming my thinking above is correct, what does one look for when checking for possible XSS attack? Thanks for your input, Davie Elliott --------------------------------------------------------------------------- This list is sponsored by: Norwich University EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life. http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
Current thread:
- ASP/PHP SQL Injection coder (Aug 30)
- RE: ASP/PHP SQL Injection Daniel Gargallo (Aug 31)
- Re: ASP/PHP SQL Injection Andrew Kane (Aug 31)
- <Possible follow-ups>
- Re: ASP/PHP SQL Injection pratiksha . doshi (Aug 31)
- Re: ASP/PHP SQL Injection coder (Aug 31)