SQL injection

Hi friends,
my anti virus has detected a virus which is categorized as sql injection. plz tell me what it is? rather i have done coding in the sql server but never knew such kind of thing. if possible give an example for me. thanks in advance.

 

I wander how your antivirus detected an sql injection and onto what ?

 

Avira detected it when i was downloading something via torrent and because of it the whole downloading just got wasted.

 

In Simple Language :: SQL injection is a Method to Hack Simple Login Systems of Websites where the Website Programmer were Lazy and didnt Put all the Necessary Validation Required for the Username and Password Input.

I wonder How can Your Antivirus DETECT it. I would Advice you some other Antivirus Software.

Regards

 

That sounds REALLY suspicious that a virus scanner would detect a SQL injection. Are you running some kind of DBMS on your machine?

 

is SQL injection dangerous to our database? and how to prevent it to happen to our site?

 

No, Its Not Dangerous to Databases... Its like, Some gets access to your members area by Putting Some Crap in Username and Password Field. Its Just That they were able to fool your Login Check.

 

If that so... can you tell me how to prevent that, because even it not dangerous to Databases, but seem like it will dangerous to our business, right?

 

Ya, sure it can be harmfull to your business.

to avoid it, make sure that your site programmer is doing all the necessary checks on the user input data like username and password.

For a Ex. for selecting The user, a sql query of following type is generally used

so if User enteres something like

then it would lead to selecting all the usernames and then something similar for the password field.

A better approach would be

$actual_pass = md5($result['password']);
$user_entered_pass = md5($_GET['password']);

if($actual_pass == $user_entered_pass)
{
// User Good
}
else
{
// Invalid Login
}

That was just an Example. Hope that Helps.

 

I don't think something suspicious about my AV. It is working really very well also it detects jokes, phishing, game and many kind of virus. Yes i am using mysql 5 on my machine.

Hey thanks a lot for helping me.

I think you have provided a very good tut for the beginners which may help them to understand the phenomenon of sql injection.

I still thinks that it may be of other kinds too. like as for getting authentication in database, sending database to a remote places. so i think there may be many kind of Sql injections which may contain Trojans too.

 

It could be a trojan which would try SQL injection on your Databases or something like that. As "SQL Injection" is a Method.

Also, In my post above, it was just an example, for eye opener. there are qide varieties of SQL injection.

Regards.

 

phishing is not a type of virus. How can it detect that? What is your anti-virus?...

 

What yu are talking about is basic Sql injection Bypass . There can be Blind Sql injection,Sql Injection through Pages of your websites as well etc.

The Information Schema Thing In mysql 5 + version makes themeasy targets if inputs not validated correctly .

Hackers, often use GET method to inject their “union+select+” queries or POST method from one server to another, if authentication has javascript filtering using their OR 1=1 method and the last but not the least, cookies. Cookies are used by very few hackers, however with the use of session cookies, their successful attempts are limited to minimum.
addslashes() is one of the function that a developer can use if !(get_magic_quotes_gpc). But, adding this line can be troublesome in most cases, where amount of variables are really high, it may make the code look sluggish to have mysql_real_escape_string() in every variable passed. To get rid of all these:
Go to your php.ini file and set:

magic_quotes_gpc = On

magic_quotes_gpc is by default set to Off for optimal performance of the server.

However, if you are using a shared/paid hosting and do not have access to php.ini file then add the following to your .htaccess file.

php_flag magic_quotes_gpc on

However, cannot promise that above mentioned “tweak” will work till eternity. You can never know what 0-day comes up!

 

If the hacker can insert DELETE, UPDATE commands through the SQL Injection, then he can delete your whole Database! So yes I would say it can be VERY dangerous!

 

Absolutely correct it is very dangerous

 

If you are worried with sql injection, this post may be helpful.

www owasp org/index.php/SQL_Injection_Prevention_Cheat_Sheet

Hope it is what you need.

 

If you pregmatch your login page to letters and numbers only that should stop it.
Although you have to remember to pregmatch your register aswell because if someone makes a account called example_1 they couldn't get on.

 

except for the fact that someone can add a drop table command in the injection... making it, you know.. dangerous.

 

i agree, before querying the database, check if the value entered by the user has suspicious values, ie : %, DROP, LIKE, ", ', ;, *

Not saying that those values work in all cases, but for something like a username, or someones name, chances are they wont have a name of username containing that (for DROP and LIKE, check for spaces after/before, since a username/name COULD have that word in their name)