Peter Larsson Blog

Patron Saint of Lost Yaks

SQL Injection

Every now and then I see sites where SQL commands are built by string concatenation and sent straight to the database server.
The author must really trust the user input!

For every system built this way, you can expect at least one SQL injection attack. In some cases you will not even be aware of the attack, and sometimes you will.

Here is an example of a "friendly" attack: it merely promotes a site, but when you click the link you execute a JavaScript that does who knows what.

In this link http://www.sqlteam.com/forums/topic.asp?TOPIC_ID=102737
and this http://www.sqlteam.com/forums/topic.asp?TOPIC_ID=101673

there are examples of SQL injection attacks.

As I wrote in the first topic, "What if the attack had encrypted all columns!"
That would be easily spotted in the front-end application.

But what if the attack had scrambled all the date columns? How long would it then take to discover the SQL injection attack?

I hope this teaches all newbies, noobs and beginners to NEVER EVER concatenate strings to send to the database.
Always use parameterized queries as the first line of defence.
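To make the point concrete, here is an added example (my own illustration, not code from the post or from the forum threads it links to). It uses Python's sqlite3 module instead of SQL Server, and the table, column names and rows are constructed for the demonstration. It shows the concatenated query and the parameterized query side by side with the same input, and adds the kind of plausibility check on date columns that would shorten the time to notice the scrambled-dates scenario described above.

```python
import sqlite3

# Constructed sample data (hypothetical forum topics), not from the original post.
SAMPLE_TOPICS = [
    ("Indexing tips", "2008-05-01"),
    ("O'Brien's question", "2008-05-10"),
    ("Date arithmetic", "2008-05-12"),
]

# Plausible window for the posted dates; anything outside is suspicious.
EARLIEST_DATE = "2000-01-01"
LATEST_DATE = "2012-12-31"


def make_db():
    """Build an in-memory database with the constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE topics (id INTEGER PRIMARY KEY, title TEXT, posted TEXT)"
    )
    conn.executemany(
        "INSERT INTO topics (title, posted) VALUES (?, ?)", SAMPLE_TOPICS
    )
    return conn


def find_by_title_concat(conn, title):
    """The pattern the post warns against: user input pasted into the SQL text.

    Whatever the user typed becomes part of the statement the server parses.
    """
    sql = "SELECT id, title FROM topics WHERE title = '" + title + "'"
    return conn.execute(sql).fetchall()


def quote_breaks_concat(conn, title):
    """True if the concatenated form cannot even run for this input.

    An ordinary apostrophe in the data is enough to produce a syntax error,
    which is usually the first visible symptom of the concatenation habit.
    """
    try:
        find_by_title_concat(conn, title)
        return False
    except sqlite3.OperationalError:
        return True


def find_by_title_param(conn, title):
    """The recommended form: the value travels separately from the SQL text.

    The driver hands the server the statement and the value as two things,
    so the value is compared literally and is never parsed as SQL.
    """
    sql = "SELECT id, title FROM topics WHERE title = ?"
    return conn.execute(sql, (title,)).fetchall()


def implausible_date_ids(conn, earliest=EARLIEST_DATE, latest=LATEST_DATE):
    """Return ids whose posted date is malformed or outside the expected window.

    Running a check like this on a schedule is a cheap way to notice when
    date columns have been tampered with, something the front end will not show.
    """
    sql = (
        "SELECT id FROM topics "
        "WHERE posted NOT GLOB '[0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]' "
        "   OR posted NOT BETWEEN ? AND ? "
        "ORDER BY id"
    )
    return [row[0] for row in conn.execute(sql, (earliest, latest))]


if __name__ == "__main__":
    conn = make_db()
    # A title containing an apostrophe: legitimate data that breaks concatenation.
    print("apostrophe breaks concat:", quote_breaks_concat(conn, "O'Brien's question"))
    print("apostrophe via params:   ", find_by_title_param(conn, "O'Brien's question"))
    # A constructed input that turns the concatenated WHERE clause into a tautology.
    crafted = "x' OR 1=1 --"
    print("crafted via concat:      ", find_by_title_concat(conn, crafted))
    print("crafted via params:      ", find_by_title_param(conn, crafted))
    # Scrambled-date scenario: nothing visible in the UI, but the check catches it.
    print("dates before tamper:     ", implausible_date_ids(conn))
    conn.execute("UPDATE topics SET posted = '2999-01-01' WHERE id = 3")
    print("dates after tamper:      ", implausible_date_ids(conn))
```

The parameterized function returns no rows for the crafted input because the server compares the whole string against the title column literally; the concatenated function returns every row. The date check is deliberately independent of the application code, so it still catches a scrambled column when the front end shows nothing wrong.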

Legacy Comments


Nico
2008-05-15
re: SQL Injection
It surprises me too that SQL Injection is still so common. There's a good primer on how to proof against these things on www.microsoft.com/hellosecureworld7 which I found to be pretty straightforward - but you're right, it's always important to just exercise best practices like not concatenating strings to send to the database.

wordress best blogs
2008-05-16
re: SQL Injection
Ya I have seen that same very thing, it is interesting to come by. Databases are fragile and must be treated with care.

comcast sucks
2009-01-09
re: SQL Injection
I'm surprised that the injection method is so common too, it's strange to see old techniques still being used all the time. I see sql scripts all the time that use "GO", lol, but it still works great for its use.

agrotime blog
2009-01-13
re: SQL Injection
I still use GO all the time in my sql statements, it's different from simply executing.
