SQL injection

Discussions of secure PHP coding. Security in software is important, so don't be afraid to ask. And when answering: be anal. Nitpick. No security vulnerability is too small.

Moderator: General Moderators

Post Reply
abed111
Forum Newbie
Posts: 4
Joined: Thu Sep 27, 2012 6:24 am

SQL injection

Post by abed111 »

Hi,

I just need to know how can someone sql inject on my website, what the '-' sign placed after the id for example id=-3 instead of id=3 and how by that the website will execute the sql query placed after the id, and how some columns would be more vulnerable to sql injection than the others? I really want to know that to protect my website from hackers..

thanks.
abed111
Forum Newbie
Posts: 4
Joined: Thu Sep 27, 2012 6:24 am

Re: SQL injection

Post by abed111 »

User avatar
social_experiment
DevNet Master
Posts: 2793
Joined: Sun Feb 15, 2009 11:08 am
Location: .za

Re: SQL injection

Post by social_experiment »

http://www.codeproject.com/Articles/937 ... ow-to-Prev
Have a look at this url or enter 'Sql injection' into your prefered search engine; there are tons of resources;

I think all columns are equally vulnerable in terms of sql injection attacks, problem is in my opinion more with column names being easy to guess which makes the attackers' job easier. Protecting your site / data is not too difficult; you only have to remember to check ALL input that you receive because you don't always know where the data is from.

Edit
Thanks for posting the url; interesting read;
“Don’t worry if it doesn’t work right. If everything did, you’d be out of a job.” - Mosher’s Law of Software Engineering
abed111
Forum Newbie
Posts: 4
Joined: Thu Sep 27, 2012 6:24 am

Re: SQL injection

Post by abed111 »

Hi,

thank you for your reply but what I meant is why when you add id=-3 union select 1,2,3,4,5.. the number of the columns you get only some of those columns returned onto your page and inthe tutorials they called it vulnerable columns why the rest of the columns were not returned by this query?

thanks.
User avatar
Mordred
DevNet Resident
Posts: 1579
Joined: Sun Sep 03, 2006 5:19 am
Location: Sofia, Bulgaria

Re: SQL injection

Post by Mordred »

Try the article on SQL injection in my signature - there are examples in runnable code you can play with.
abed111
Forum Newbie
Posts: 4
Joined: Thu Sep 27, 2012 6:24 am

Re: SQL injection

Post by abed111 »

Hi,

thanks I tried the SQL injection before and I've understood it, it worked for me but what I'm trying to understand is why there are some called columns appearing on the screen and others not and in the tutorial I found that those columns are the vulnerable ones but why they are more vulnerable than the other columns how can a column be vulnerable what should the data be in it...?
User avatar
Mordred
DevNet Resident
Posts: 1579
Joined: Sun Sep 03, 2006 5:19 am
Location: Sofia, Bulgaria

Re: SQL injection

Post by Mordred »

It appears on the screen if the PHP script outputs it. There are otherwise no differences in how vulnerable different columns would be.
Post Reply