In series of Blocking Web Application Attack I will try to uncover different types of web application attack surfaces and how we can test and fix them to prevent future attacks.
SQL Injection:
Let’s say we have one Login mechanism, I will explain you how one can bypass login mechanism with use of some basic SQL injection techniques.
Example Code for Login.html
Example Code for login.php
One can easily bypass this login mechanism by entering/ tempering data for password field with ‘ or ‘1=1. This will eventually execute statement as password = ‘’or ‘1=1’’;
More over user can delete database by entering or tempering data with ‘ DROP table database ; —
How can I prevent my application from SQL Injection attacks?
You can use mysql_real_escape_string(), This PHP function will escapes some special characters in a string for use in an SQL statement. This will affect following characters.
- \x00
- \n
- \r
- \
- ‘
- “
- \x1a
Example code after using mysql_real_escape_string()
In next post we will look at some more type of SQL Injections & How to Prevent Your application from SQL Injection?