| Thursday May 24th 2012

SQL injection countermeasure failures


Cute article about sanitizing form input…

…found this next snippet in the authentication code for the project he’d been assigned to.

// The following string is an SQL comment, and could
// blank out the check for password in our SQL statement
// if used in the username!
if (username.indexOf("';--")!=-1) {
    throw new AuthorisationException(username
      +" given as login name contains ';--, this is bad for SQL!");
}

// Get the (hopefully single) id of the player with
// this name and password
ResultSet authorised = statement.executeQuery(
    "SELECT id FROM table_name_redacted WHERE "
    + "username='"+username
    +"' AND password='"+password+"';");

It’s a bit better, but doesn’t quite fool the hacker who uses the “‘; –” attack instead of “‘;–”.

Read more…

Related Posts: On this day...

Post Published: 13 September 2008
Found in category: exploit, vulnerabilities

Previous Topic:
Next Topic:

Leave a Reply

Latest Topics

Meet a “real-life Barbie” Meet a »

A 21-year-old girl, who has become an...

BlackBerry 10 »

Apple will release 2 years after BlackBerry...

Pittsburgh’s Twin City: Kaunas, Lithuania »

Google Maps...

The Decline and Fall of “Draw Something” The Decline »

Just six weeks ago, Draw Something was the...

“Tron: »

Can Tron do for Disney XD what Star Wars did...

Gary Wilson »

Have our brains evolved to handle the...

The University of Pittsburgh Bomb Threats The University »

This spring, the University of Pittsburgh...

Facebook Buys Instagram For $1 Billion Facebook Buys »

Facebook just bought Instagram for $1...

“Dumb And Dumber 2″ confirmed by Peter Farrelly “Dumb »

Dumb And Dumber 2 has been confirmed to...

Why Groupon is poised for collapse Why Groupon is »

The author has great points. Why the company...

Draw Something bought by Zynga Draw Something »

The party was in celebration of Zynga’s...

HOWTO: Cheat Against Your Friends On Draw Something HOWTO: Cheat »

Draw Something is one of the hottest apps on...

Live stream »

...

HOWTO: Be A »

Not everyone is great at math. But this...

AIM is (unofficially) dead AIM is »

For anyone inside the generation for which...

Google is globally switching its search to HTTPS by default Google is »

Google has announced on its Inside Search...

U.S. Warns Apple and Publishers U.S. Warns »

"The publishers have denied acting jointly...

Your New Zombie Hammer! Your New »

Kinda looks like an update on the old $2...

The Maybach From the “Otis” Video Up for Auction in NYC The Maybach »

Need something to take to the Hamptons this...

The »

See you at the Sizzler!...

Recent Comments

Fenwick: I'm no longer sure the pl...

Nate: I think this is among the...

Eleen: We are a group of volunte...

Categories

.edu 4chan apple best practices books codemonkey con cool copywrong crackberry drm sucks encryption exploit facebook twitter firefox freeish free open source software ftw google hax hot deals howto linux lulz malware micro$oft news obama offtopic photo/pics piracy politics privacy pwned riaa sucks ron paul security spam tsa sucks ugh vulnerabilities wtf xkcd youtube zombies!

RSS US CERT RSS Feed