Page 1 of 2 12 LastLast
Results 1 to 10 of 19

Thread: MD5 Securing SQL Injections

  1. #1
    Member Slartarama's Avatar
    Join Date
    May 2008
    Location
    Pacific Northwest
    Posts
    53

    MD5 Securing SQL Injections

    So I was perusing google looking for PHP/MySQL anti-SQL injection scripts/tutorials and I came across a script where the author showed a script that would be "insanely secure" one of the things that he did was MD5 the uname and pword. That was all he did as far as filtering for user input.

    The first comment, which sparked a large discussion, was that it was open to SQL injections. There was a lot of arguing as to whether or not it was free from SQL injections, but no one ever really concreted their case. Since no one would test it.

    I haven't had a chance to set up anything to test this, but does anyone know from experience whether or not using the MD5 PHP function can stop a SQL injection? I am aware that MD5 is deprecated and not as secure as it once was, I have been able to google a few hashes myself and get the actual plain text, but I am still wondering if it would stop SQL injections.

    Thanks,

    Slart

  2. #2
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,401
    In short, no it won't.

    Somewhat longer version, input validation! Don't trust anything a clients sends you.
    Oliver's Law:
    Experience is something you don't get until just after you need it.

  3. #3
    Senior Member
    Join Date
    Oct 2003
    Location
    MA
    Posts
    1,052
    Yup thats the number one rule :-)

  4. #4
    Member Slartarama's Avatar
    Join Date
    May 2008
    Location
    Pacific Northwest
    Posts
    53
    That is what the author was saying, that by using MD5() on the username and password, that it was doing the filtering, which is why there could be no SQL injection. Which is what started the argument.

    But is that a valid way to filter? I don't know if it sounds kosher to me, but it seems that encrypting the username and password fields would actually work, I don't know. He didn't use any other kind of filtering.
    Last edited by Slartarama; October 29th, 2008 at 05:47 PM. Reason: Spelling error

  5. #5
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,401
    A linky to the original article might be useful. As he might have a point but without knowing what else is inputted there's no way to tell if it's enough..
    Oliver's Law:
    Experience is something you don't get until just after you need it.

  6. #6
    Banned
    Join Date
    Jan 2008
    Posts
    605
    Quote Originally Posted by Slartarama View Post
    That is what the author was saying, that by using MD5() on the username and password, that it was doing the filtering, which is why there could be no SQL injection.
    Wrong.

    I don't know if it sounds kosher to me, but it seems that encrypting the username and password fields would actually work, I don't know.
    Unless you add your own salt...

    All its going to do is slow people down from one defacement per thirty seconds to one defacement every thirty minutes. At that point, either way you've got little pink kittens dancing on your homepage.

  7. #7
    Member Slartarama's Avatar
    Join Date
    May 2008
    Location
    Pacific Northwest
    Posts
    53
    Yeah, sorry I should have posted the link originally, here it is:

    http://insanesecurity.wordpress.com/...-login-script/

  8. #8
    THE Bastard Sys***** dinowuff's Avatar
    Join Date
    Jun 2003
    Location
    Third planet from the Sun
    Posts
    1,253
    09:F9:11:02:9D:74:E3:5B8:41:56:C5:63:56:88:C0

  9. #9
    Senior Member t34b4g5's Avatar
    Join Date
    Sep 2003
    Location
    Australia.
    Posts
    2,391

    Question

    Quote Originally Posted by dinowuff View Post

    To much effort to read and learn, i prefer to just be able to point 'N click. I'll just load up my super dooper skript kiddie app with 101 l337 h4x0'r tools and do a super doooper kewl SQL injection.
    Last edited by t34b4g5; October 30th, 2008 at 01:28 AM.

  10. #10
    Member Slartarama's Avatar
    Join Date
    May 2008
    Location
    Pacific Northwest
    Posts
    53
    okay please forgive me, I read the SQL injection post, I am still lost. After reading this guy's script, I agreed with the first response that this is still open to SQL injection but I don't exactly follow why.

    Something is just not right, a lot of people think in that post that the MD5() of the username makes it safe. I wrote a few PHP logins in my time but that was years ago I always used the filtering functions to filter user input and MD5 for the passwords. I'm sure if I looked back they would be out of date or heaven for fend I might have sites out there that are not really secure. I'm a rank amateur and I am very rusty.

    So I know that MD5() (as dated as it is) encrypts the input in this case, but what exactly makes it open to injection? I have a feeling that it is wide open, especially judging from the original author's "teenage ranting" and the first response is from someone that seems to know what is going on, but well, it just seems off, so can someone explain it to me, I see that it would make an MD5 hash out of the injection if inputed, but would SQL see it as an MD5 hash or as "'OR 1=1-- " even though it is encrypted. Anyway that's where I am lost.

    Thanks
    Slart

Similar Threads

  1. SQL Tutorial – Basics
    By mikester2 in forum Other Tutorials Forum
    Replies: 5
    Last Post: January 31st, 2005, 01:16 PM
  2. SQL Tutorial
    By ch4r in forum Other Tutorials Forum
    Replies: 5
    Last Post: January 18th, 2005, 08:20 AM
  3. Securing Windows 2000 and IIS
    By spools.exe in forum Microsoft Security Discussions
    Replies: 0
    Last Post: September 15th, 2003, 09:47 PM
  4. Heads Up - Cumulative Patch for Microsoft SQL Server (815495)
    By CXGJarrod in forum Microsoft Security Discussions
    Replies: 0
    Last Post: July 23rd, 2003, 10:00 PM
  5. SQL Sapphire Worm Analysis
    By s0nIc in forum AntiVirus Discussions
    Replies: 2
    Last Post: January 27th, 2003, 12:23 PM

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •