Thread: MD5 Securing SQL Injections

  1. #11
    Just Another Geek
    Posting a username like

    a' OR 1=1;

    Short circuits the whole deal... The SQL statement will become:

    SELECT r34ln4m3 FROM 1nside0ut WHERE
    md5(l0gn4m3)='a' OR 1=1; AND entryw41='$passwd';

    If he'd done something like:

    $username = md5($_POST["username"]);
    $passwd = md5($_POST["passwd"]);

    $md5_un=calc_md5($username);
    $md5_pw=calc_md5($passwd);

    $query = "SELECT r34ln4m3 FROM 1nside0ut WHERE
    l0gn4m3='$md5_un' AND entryw41='$md5_pw'";

    That would have protected him... Unfortunately the guy's rather clueless..
    Last edited by SirDice; October 30th, 2008 at 08:49 AM.
    Oliver's Law:
    Experience is something you don't get until just after you need it.
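
An added example, not part of the original post or the code under discussion: it builds the raw-interpolated query text from the post, then runs the hash-before-interpolation check and, going one step beyond the post, a bound-parameter version against an in-memory SQLite table. Python and SQLite stand in for the PHP/MySQL setup; the sample row, the helper names and the assumption that both columns store MD5 hex digests are constructed for illustration.

```python
import hashlib
import sqlite3

PAYLOAD = "a' OR 1=1;"  # the username quoted in the post


def md5_hex(value):
    # MD5 only mirrors the thread; the digest is always 32 chars of [0-9a-f].
    return hashlib.md5(value.encode("utf-8")).hexdigest()


def make_db():
    # Constructed sample row; both columns hold MD5 hex digests (assumption).
    # The table name starts with a digit, so SQLite needs it double-quoted.
    db = sqlite3.connect(":memory:")
    db.execute('CREATE TABLE "1nside0ut" (r34ln4m3 TEXT, l0gn4m3 TEXT, entryw41 TEXT)')
    db.execute('INSERT INTO "1nside0ut" VALUES (?, ?, ?)',
               ("Alice Example", md5_hex("alice"), md5_hex("correct horse")))
    return db


def raw_query_text(username, passwd):
    # Raw input pasted between the quotes: a quote in the input ends the literal.
    return ('SELECT r34ln4m3 FROM "1nside0ut" WHERE '
            f"md5(l0gn4m3)='{username}' AND entryw41='{passwd}'")


def login_hashed(db, username, passwd):
    # The post's approach: hash in the application, interpolate only the digest.
    sql = ('SELECT r34ln4m3 FROM "1nside0ut" WHERE '
           f"l0gn4m3='{md5_hex(username)}' AND entryw41='{md5_hex(passwd)}'")
    return [row[0] for row in db.execute(sql)]


def login_bound(db, username, passwd):
    # Bound parameters: the values travel separately from the SQL text.
    sql = 'SELECT r34ln4m3 FROM "1nside0ut" WHERE l0gn4m3=? AND entryw41=?'
    return [row[0] for row in db.execute(sql, (md5_hex(username), md5_hex(passwd)))]


if __name__ == "__main__":
    db = make_db()
    print(raw_query_text(PAYLOAD, "x"))  # built but never executed
    print(login_hashed(db, PAYLOAD, "x"), login_bound(db, PAYLOAD, "x"))
    print(login_hashed(db, "alice", "correct horse"))
```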
