Jump to content

A kind of SQL [C]

Recommended Posts

Nu prea am la ce sa-ti dau feedback, ii doar un formular de login.

SELECT * FROM example WHERE user='' OR 1='1' and pass='' OR 1='1' Access Granted!

Mie unu imi place la formularele de login sa fac un regex si daca gasesc orice altceva in afara de - . 0-9 a-z A-Z, zic ca e invalid si gata (la username). La parola fac o functie encrypt_pass(parola) care de obicei imi returneaza md5(parola)... [depinde ce algoritm de "criptare" folosesc pentru aplicatia respectiva].


Exemplu: In felul meu, daca la username introduc ' OR 1=1' o sa dea mesaj: Username invalid. La parola, daca introduc ' OR 1=1' imi face md5("'OR 1=1'") si cand interoghez baza de date cu md5-ul respectiv, nu mi-l gaseste asociat username-ului ( parola din baza de date e md5(parola) ).

** Stiu ca nu e cea mai buna explicatie, is cam obosit si nu ma pot concentra. Sper sa te ajute cu ceva.

Edited by A9N

Share this post

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Create New...