AardvarkBusiness.net - Business Search Engine AardvarkBusiness.net - Business Search Engine



 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister   ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

     

Hacking MySQL

 
 
Post new topic   Reply to topic    AardvarkBusiness.net Forum Index -> Programming Forum
View previous topic :: View next topic  
Author Message
foundThroughAdminSig
President
President


Joined: 24 Apr 2004
Posts: 6491

7611 ants

PostPosted: Fri Feb 01, 2008 8:22 am    Post subject: Hacking MySQL Reply with quote

I need to add a bunch of custom fields in a certain application. All fields need to be validated, but obviously, I want to validate them in such a way that MySQL (the backend database) doesn't get hacked or ..., you know, manipulated. What do I need to do in order to prevent this from happening?

(By the way, the application that I''m modifying is Coppermine Photo Gallery and I'll just following the following mod to do this:

http://coppermine-gallery.net/forum/index.php?topic=35263.0

So, basically, I'm trying to figure out if this mod is sufficient for the data validation or I need to add more code to ensure that the application doesn't get hacked or anything like that.)
_________________
Online Education :: Training Forum
Chat about health ... Finance Books
Back to top
View user's profile Send private message Visit poster's website
Neilson
President
President


Joined: 27 Oct 2004
Posts: 589
Location: FL
695 ants

PostPosted: Tue Feb 05, 2008 2:01 pm    Post subject: Reply with quote

I would start by using the replace function in some server side validation, replacing a single quote ( ' ) with two single quotes (''). If you enter a single quote in a form then you could add your own sql statement when submitting the form.

For example if your backend sql statement read :
Code:

strSQL = "SELECT * FROM tblUsers " & _
           "WHERE Username='" & p_strUsername & _
           "' and Password='" & p_strPassword & "'"


if your username was username and password was password, that would generate the sql statement:

Code:

strSQL = "SELECT * FROM tblUsers " & _
           "WHERE Username= 'username'
          and Password=' 'password'


But id you entered a single quote in the username field followed by or 1 = 1 -- the you would build the following sql statement:

Code:

strSQL = "SELECT * FROM tblUsers " & _
           "WHERE Username= '' or 1=1 --
          and Password=' 'password'


which would return true because 1=1 is true and the two dashes -- comment out the rest of the sql string.


You need to do this in some server side validation, because if you do it client side, with javascript for example, the hacker could just disable javascript in their browser which would disable your validation.

Take a look at this article - http://www.4guysfromrolla.com/webtech/061902-1.shtml

[/code]
_________________
AOSEP - SEO Forum
Back to top
View user's profile Send private message Visit poster's website
patelmiteshb
Secretary
Secretary


Joined: 29 Apr 2008
Posts: 6

13 ants

PostPosted: Tue Apr 29, 2008 9:17 am    Post subject: Hi Reply with quote

Great Job Guys !! Thanks.
_________________
<a href="http://www.polluxsoftech.com" target="_blank" class="postlink">Software Outsourcing</a> :: <a href="http://www.bestseoguru.co.uk" target="_blank" class="postlink">SEO Services</a>
Back to top
View user's profile Send private message Send e-mail
Display posts from previous:   
Post new topic   Reply to topic    AardvarkBusiness.net Forum Index -> Programming Forum All times are GMT + 1 Hour
Page 1 of 1

 
Google
 
Business Forum Sport Forum Travel Forum


Powered by php B B © 2001, 2002 php B B Group

AardvarkBusiness.net Business Search Engine & Directory