Skip to main content

Your plan to protect yourself from SQL Injection

SQL injection is  serious business , but you shouldn't be overwhelmed by the thought of defending against it. Follow these simple steps to keep attackers' eyes and fingers out of your databases.
  • Ensure that only generic, nondescriptive error message or HTTP 500 pages are displayed to users. Never give away database metadata like table names or application source code snippets in error messages. 
  • Validate simple input types like credit card numbers or postal codes with regular expression. If the input doesn't match the expected value, return an error to the user ( a generic, nondescriptive error!) and don't execute the database query.
  • Always check to make sure that the input matches a good , valid pattern ( for example , whitelist pattern matching) rather than whether it matches a bad,invalid pattern(for example,blacklist matching). Whitelist validation defenses are usually much more resilient to newly discovered attack techniques. 
  • If the input is a date or numeric type, don't work with it as a string. Casy or convert the user input from a string to the appropriate type. 
  • Escaping user input is the single besy way to prevent SQL injection . Use parameterized queries or stored procedures to escape SQL query parameters to safe values.


Labels:

Comments

Post a Comment

Popular posts from this blog

The Difference between DB and DB_EXTENDED

When doing Audit on any table on the the database , the default auditing is DB. SQL > show parameters audit_trail NAME                                 TYPE        VALUE ------------------------------------ ----------- ------------------------------ audit_trail                          string      DB in this case , when you do audit on some table. SQL> audit all on scott.emp by access; Audit succeeded SQL> update emp set sal=sal*0.95 where job='MANAGER'; 3 rows updated. if you want to know the statement made these changes, you will receive nothing on the sql_text field while you are selecting the audit_trial table.
Post a Comment
Read more

Web Application Security Scanner : Sandcat

Sandcat is multi-process remote web application security scanner. It maps the entire web site structure ( all links , forms , XHR requests and other entry points) and tries to find custom,unique vulnerabilities by simulating a wide range of attacks/sending thousands of requests (mostly GET and POST).  It also tests for SQL Inection, XSS, File inclusion and many other web application vulnerability classes.  Sandcat's code scanning functionality automates the process of reviewing the web application's code .  Source : CEH Lectures ...
Post a Comment
Read more