
List:       webappsec
Subject:    RE: SQL Injection
From:       "V. Poddubniy" <vpoddubniy () mail ! ru>
Date:       2004-05-31 20:37:22
Message-ID: 000001c4474f$14613580$82c930d4 () PODDUBNYYMAIN

Hello,

This is not safe. Maybe some SQL servers will accept double quotes
instead of single... And what about user O'Neil? Is his last name bad?

Use SQL command parameters, if your SQL engine allows it. If it does not
work, this is a bug in the engine... Send them some feedback :-)

--
Best regards,
 Vladimir Poddubniy

-----Original Message-----
From: Emanuele Zattin [mailto:emanuelez@mymachine.mydomain.com] 
Sent: Friday, May 28, 2004 11:18 AM
To: webappsec@securityfocus.com
Subject: SQL Injection


Hello Everybody!
I recently found out that one of my websites suffered SQL injections like this:

Login: a' OR 'a'='a
Password: a' OR 'a'='a

I solved the problem by checking whether the logon or password variables
contained the "'" char... is it safe enough? I checked around the net and
found a recent paper from Imperva but it does not talk about single chars
checking... I tried to use different encodings but that string in UTF-8 is
just the same... any hint?
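The two sides of this thread side by side, as an added Python/sqlite3 example that is not code from either poster: the string-concatenated login query the payload above defeats, the single-quote check proposed as a fix (which also locks out the user O'Neil), and the bound-parameter version Vladimir recommends. The user table, logins and passwords are constructed sample data.

```python
import sqlite3


def make_db():
    """Constructed in-memory user table (sample data, not from the thread)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (login TEXT, password TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?)",
                   [("alice", "s3cret"), ("O'Neil", "pa55")])
    return db


def login_concat(db, login, password):
    """Vulnerable: user input is spliced into the SQL text, so a quote in
    the input ends the literal and the rest is parsed as SQL."""
    sql = ("SELECT COUNT(*) FROM users WHERE login = '" + login
           + "' AND password = '" + password + "'")
    return db.execute(sql).fetchone()[0] > 0


def login_quote_filter(db, login, password):
    """The fix from the original mail: refuse any input containing a single
    quote, then run the same concatenated query. It blocks this payload but
    is a blacklist, and it rejects legitimate names such as O'Neil."""
    if "'" in login or "'" in password:
        return False
    return login_concat(db, login, password)


def login_param(db, login, password):
    """Bound parameters: the driver passes the values as data, so they are
    never parsed as SQL, and a quote inside a name is just a character."""
    sql = "SELECT COUNT(*) FROM users WHERE login = ? AND password = ?"
    return db.execute(sql, (login, password)).fetchone()[0] > 0


if __name__ == "__main__":
    db = make_db()
    payload = "a' OR 'a'='a"          # the login/password from the thread
    print("concat, payload:      ", login_concat(db, payload, payload))
    print("quote filter, payload:", login_quote_filter(db, payload, payload))
    print("quote filter, O'Neil: ", login_quote_filter(db, "O'Neil", "pa55"))
    print("param, payload:       ", login_param(db, payload, payload))
    print("param, O'Neil:        ", login_param(db, "O'Neil", "pa55"))
```

With the concatenated query the payload yields `... login = 'a' OR 'a'='a' AND password = 'a' OR 'a'='a'`, which is true for every row, so the login succeeds without a valid account; the parameterized query returns false for the payload and true only for real credentials, O'Neil included.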
