Oracle FAQ Your Portal to the Oracle Knowledge Grid

Re: sql server security article at dbazine.com

From: Karsten Farrell <kfarrell_at_belgariad.com>
Date: Fri, 23 May 2003 18:02:08 GMT
Message-ID: <MPG.193801fd8453b295989795@news.la.sbcglobal.net>


mikharakiri_at_ywho.com said...
> http://www.dbazine.com/cook8.html
> <quote>The user entered the following string and was authorized:
>
> ' or 1=1--
>
> By placing a partial SQL statement into the Username textbox, a hacker
> "injects" the SQL fragment and thus alters the SQL statement that is
> executed. The injected SQL fragment actually consists of three different
> fragments, each with a different purpose</quote>
>
>
> Amazing. Web application design that doesn't bother creating a user as a
> database user and granting privileges, but just adds a user record into a
> table.
>

Thanks for reminding us. SQL injection techniques are mentioned quite often in security literature ... but it's always good to occasionally remind those web form developers who are buried so deep in their work they don't have time to read security articles. The same goes for injecting HTML tags or JavaScript or whatever. You can NEVER blindly accept what the user types as "good."

-- 
/Karsten
DBA > retired > DBA
Received on Fri May 23 2003 - 13:02:08 CDT
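To make the quoted article's point concrete, here is an added example (not part of the original post or of the dbazine article) that builds the login query both by string concatenation and with bound parameters against a constructed in-memory SQLite table. The table contents, the `login_*` function names and the use of SQLite in place of SQL Server are all assumptions of this example; the `' or 1=1--` string is the one quoted in the thread.

```python
import sqlite3

# Constructed sample accounts (not from the original post) so the example runs offline.
USERS = [("alice", "s3cret"), ("bob", "hunter2"), ("o'brien", "pw")]

# The string quoted in the thread: closes the open quote, adds a tautology,
# and comments out the rest of the statement.
INJECTION = "' or 1=1--"


def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)", USERS)
    return conn


def login_vulnerable(conn, username, password):
    """Builds the statement by concatenation, so user text becomes SQL text.
    With INJECTION as username the statement collapses to
    SELECT username FROM users WHERE username = '' or 1=1   (rest commented out)."""
    sql = ("SELECT username FROM users WHERE username = '" + username
           + "' AND password = '" + password + "'")
    return conn.execute(sql).fetchone() is not None


def login_parameterized(conn, username, password):
    """Bound parameters: the driver passes the values separately from the SQL,
    so quotes, 'or 1=1' and '--' in the input are just characters in a string."""
    sql = "SELECT username FROM users WHERE username = ? AND password = ?"
    return conn.execute(sql, (username, password)).fetchone() is not None


def demo():
    conn = make_db()
    results = {
        "vuln_valid": login_vulnerable(conn, "alice", "s3cret"),
        "vuln_injected": login_vulnerable(conn, INJECTION, "anything"),
        "param_valid": login_parameterized(conn, "alice", "s3cret"),
        "param_injected": login_parameterized(conn, INJECTION, "anything"),
        "param_apostrophe": login_parameterized(conn, "o'brien", "pw"),
    }
    try:
        # A legitimate apostrophe in a name also breaks the concatenated SQL,
        # which is a second reason to bind parameters rather than filter input.
        results["vuln_apostrophe"] = login_vulnerable(conn, "o'brien", "pw")
    except sqlite3.OperationalError as exc:
        results["vuln_apostrophe"] = "error: " + str(exc)
    return results


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The concatenated version authorizes the injected string as a valid login and fails on the real user `o'brien`; the parameterized version rejects the injection and accepts the apostrophe.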

