Thread: DB driven Site? - SQLxploit white paper

  1. #1
    Senior Member
    Join Date
    Jan 2002
    Posts
    682

    DB driven Site? - SQLxploit white paper

    if any of you have a database driven site using asp, php or cfm or anything else...you should ...maybe even must... have a look at this white paper i found...

    http://www.nextgenss.com/papers/adva..._injection.pdf

    it is a very good read on advanced sql injection which is a huge security issue for many sites and needs to be attended to...or you will lose control of your tables...or lose all your data....

    as you will see...it's as easy as this entry in any form field....

    jo'; drop table authors--

    and say goodbye to your authors table....
    "I used to be With IT. But then they changed what IT was. Now what I'm with isn't IT, and what's IT seems scary and weird." - Abe Simpson

  2. #2
    This is great reading! Since more and more web sites are becoming database driven, I have noticed more and more canned scripts to make this happen are cropping up all over the place. This paper goes to show that a little help goes a long way for somebody worried about site break-ins. Thanks for the post...

    **digs in his big bag o' greenies**

  3. #3
    Hi mom!
    Join Date
    Aug 2001
    Posts
    1,103
    God, I'm only halfway, and I'm wondering how many sites will be affected by this. Good find zigar!
    I wish to express my gratitude to the people of Italy. Thank you for inventing pizza.

  4. #4
    Senior Member
    Join Date
    Apr 2002
    Posts
    324
    This dates back to 1998. Take a look at the following two articles on wiretrip by .rain.forest.puppy.:
    "How I hacked PacketStorm" (wwwthreads advisory)
    NT Web Technology Vulnerabilities

    Also I mentioned sql piggy-backing in my tutorial:
    Securing an installation of IIS 4. (No, seriously)

    That said - good post. Not enough people know. There's nothing you can do about this but ensure that any code you write checks user input properly. Write your checking mechanism as a class and re-use it everywhere you accept user input. Like I say in the tutorial you should automatically disallow any user input that contains a ';' character (used to close a line in SQL and an easy way to add a new, unintended, one).

    If anyone's interested I have the details of a penetration test that I set up using this exploit (I will not post this openly however for obvious reasons - maybe in the addicts forum when I am allowed in - If a senior wants to post my research there on my behalf PM me). I never used the passwords/cc# I gathered, but take it from me that this is a _SERIOUS_ threat.
    "I may not agree with what you say, but I will defend to the death your right to say it."
    Sir Winston Churchill.
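
The form-field entry quoted in post #1, run against a constructed in-memory SQLite table: first through a query built by string concatenation, then through a bound parameter. This is an added example, not part of any post in the thread or of the white paper; the helper names, the sample rows and the use of SQLite are assumptions made for illustration.

```python
import sqlite3

PAYLOAD = "jo'; drop table authors--"  # form-field entry quoted in post #1


def fresh_db():
    """Constructed sample data: an in-memory table named like the one in the thread."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE authors (name TEXT)")
    db.executemany("INSERT INTO authors VALUES (?)", [("jo",), ("ann",)])
    db.commit()
    return db


def table_exists(db):
    """True while the authors table is still present in the schema."""
    row = db.execute(
        "SELECT count(*) FROM sqlite_master WHERE type='table' AND name='authors'"
    ).fetchone()
    return row[0] == 1


def run_concatenated(name):
    """'Before': input pasted into the SQL text. Returns True if authors survives."""
    db = fresh_db()
    # executescript stands in for a driver that runs several statements per call
    db.executescript("SELECT name FROM authors WHERE name = '" + name + "'")
    return table_exists(db)


def run_bound(name):
    """'After': input travels as a bound parameter and is never parsed as SQL."""
    db = fresh_db()
    rows = db.execute("SELECT name FROM authors WHERE name = ?", (name,)).fetchall()
    return rows, table_exists(db)


if __name__ == "__main__":
    print("concatenated, table survives:", run_concatenated(PAYLOAD))
    print("bound parameter (rows, table survives):", run_bound(PAYLOAD))
```

With the bound parameter the whole entry is compared as a literal author name, so the lookup returns no rows and the table is untouched.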
