Exploiting SQL Injection "Attack" by ChintanGurjar


More Info
									      Exploiting SQL Injection “ Attack “

Hi Geeks,Lets start with the tutorial.Before starting I am dam sure that most of
you didn’t understood the question.

Exploiting the SQL injection Attack

Meaning :- This shows that how we can exploit SQL injction “Attack”.I am not
going to show you that how one can attack a website with “SQL Injection
Attack.”But here I specified “Attack” word in the title.Which shows that we are
attacking the SQL injection “Attack”.Means We are going to protect our website
by being attacked from the hackers,who are attacking our site with SQL
injection.So here I want to show you that how we can do secure coding.

For that we need some good coders with the bit knowledge of attack methods of
vulnrability.Because now a days if any coder gets job,he started doing coding
without watchin security matter.

Bascially we can eliminate the vulnerability by 2 methods.

1.Input Validation Coding :-

Here I am talking about the validation.Normal validation that coder makes on to
the register page or any other page.This method is very simple,less time and brain
consuming and also more effective.I don’t know I am right or wrong but as per my
thinking this method prevents the SQL injection attack 55% to 65%.

Lets see with exmple.

If any site has a detail of customer.Then If i have made this information page of
customer named “cust_info”.This is the normal page but if any particular
customer logged in the I must have given any particular ID(Integer).
Suppose if I am CHINTAN the customer and my id is 26543 then my page will work
like this.


This id 26543 shows particular my info.

So basically here is the GET request.Input number is going to input in this GET
request.So we can give here security by adding one type checking IF
condetition.Like this,

Function :- is_numeric

Exmple :-






Statement ;

Where statement is the => Give acceptance to it.Or This is valid and further
processing is to be done.Redirection or response or anything esle.

For further information visit here,

Ok.Lets consider the other senerio.As i have given that my ID is 26543.So it will
always be 5 characters for my id.Which will reamin same as it is for a long time
until and if the site got changes.So we can also put another security by adding
another PHP function.Like this,

Function :- preg_match

Exmple :-






Statement ;

Where statement will be like this.IF the values are true then we can take action by
defining the statement.Like redirection.Connection lost in the case of value dont
get true.Or Redirection to 404.php

For more detail about function go here,

2.Not Allowing Special Characters :-

The sensitive part of the website like search box and all that where mostly
attacker gives this type of special character for attacking with SQL and XSS.




So if in coding we are blocking this type of character to input no 1 even will able
to input such characters neither in that particular box nor from URL.So how will
he check that its vulnerable or not?So we can be secrured.

Another Handy trick that we can do is this.

Server’s coding should do in such a way that if any attacker puts this type of
special characters to attack,then rather to redirect on 404.php(if result has not
come),it should redirect on a page which displays a POPup with the message that
“your original IP adress and the MAC adress has been fetched up.This was the
trap.”So if any attacker even finds the vulnerability he wont even think to exploit
it again after seeing this msg.

So,far as I am the PHP developer I know about this function so made tutorial to
prevent SQL injection on PHP sites.I am assuming that there may be functions like
this in .NET and JAVA.So, one must use it to secure site by coading.Why to pay
extra money to security analyst if PHP is giving such a good inbult functions like


Thank you Guys.

Facebook :- https://www.facebook.com/h4nDs0m3.dEviL
Twitter      :- https://twitter.com/#!/FrogMode (Recommended To
               Follow Me)

To top