How To: Secure PHP-MySql against SQL Injection

Filed Under (Hacking, HowTo, Programming, Security, Technology, Tips) by Rajan Zachariah on 25-04-2008

SQL Injection is a technique that exploits a security vulnerability at the database layer of an application. It is a special way of crafting or designing an input string such that the user gets control over the database.

For example, most database-related statements built in PHP look similar to:
$query = "SELECT * FROM EMPLOYEE WHERE EMP_ID = '" . $emp_id . "' AND PASSWD = '" . $passwd . "'";

Imagine a user enters a password string like
e' or 'e'='e

then the query would become
SELECT * FROM EMPLOYEE WHERE EMP_ID = '$emp_id' AND PASSWD = 'e' or 'e'='e';

This condition always evaluates to true, so the query would grant the user access to all of the data.
A malicious user can even write multiple query lines to, say, DROP TABLE.

Two Steps to tackle this situation:
1. Limit Permissions:
The DB administrator should create different users depending on the kind of action performed, and the application should connect with credentials that carry only the least privileges necessary for the task. This could prevent most attacks but not all.

2. Clean the Input String:
The PHP team has already released a function, mysql_real_escape_string(), to tackle this situation. This function replaces the (') with a (\') and thus would not allow the attack.
So all you have to do is escape each user-supplied value before it goes into the query:
$emp_id = mysql_real_escape_string($emp_id);
$passwd = mysql_real_escape_string($passwd);

Now the query would become:
SELECT * FROM EMPLOYEE WHERE EMP_ID = '$emp_id' AND PASSWD = 'e\' or \'e\'=\'e';
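
An added example, not code from the original post: the mysql_* extension that provides mysql_real_escape_string() was removed in PHP 7.0, and the usual replacement is a prepared statement through PDO or mysqli. The code below runs the article's payload against the concatenated query and against a prepared one; the in-memory SQLite database, the sample rows and the function names login_concat and login_prepared are assumptions made so it runs offline.

```php
<?php
// Added example. Constructed data in an in-memory SQLite database (via PDO)
// stands in for the article's MySQL EMPLOYEE table so the script runs offline.
// The plaintext PASSWD column mirrors the article's query; real systems store hashes.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE EMPLOYEE (EMP_ID TEXT PRIMARY KEY, PASSWD TEXT)");
$db->exec("INSERT INTO EMPLOYEE VALUES ('1001', 'correct-horse'), ('1002', 'battery-staple')");

// Vulnerable form from the article: input is concatenated into the SQL text,
// so a quote in the input ends the string literal and the rest is parsed as SQL.
function login_concat(PDO $db, string $emp_id, string $passwd): int {
    $sql = "SELECT * FROM EMPLOYEE WHERE EMP_ID = '" . $emp_id .
           "' AND PASSWD = '" . $passwd . "'";
    return count($db->query($sql)->fetchAll());
}

// Hardened form: placeholders keep the input out of the SQL text entirely,
// so quotes in either field are compared as data and never parsed as syntax.
function login_prepared(PDO $db, string $emp_id, string $passwd): int {
    $stmt = $db->prepare("SELECT * FROM EMPLOYEE WHERE EMP_ID = ? AND PASSWD = ?");
    $stmt->execute([$emp_id, $passwd]);
    return count($stmt->fetchAll());
}

$payload = "e' or 'e'='e";   // the password string from the article

printf("concat,   real password: %d row(s)\n", login_concat($db, '1001', 'correct-horse'));
printf("concat,   payload:       %d row(s)\n", login_concat($db, '1001', $payload));
printf("prepared, real password: %d row(s)\n", login_prepared($db, '1001', 'correct-horse'));
printf("prepared, payload:       %d row(s)\n", login_prepared($db, '1001', $payload));
```

With the payload, the concatenated query matches every row in the table, while the prepared statement matches none because no stored password equals the payload string.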

Hope this helps!!!

Apple iPhone not yet “rock solid”

Filed Under (Apple, Hacking, Technology) by Rajan Zachariah on 30-10-2007


Yes, it’s true: contrary to Apple’s boast that its products are “solid as rock”, its iPhone and iPod Touch aren’t rock-solid enough.

Recently, a hacker publicized a TIFF vulnerability found in the Apple iPhone which could easily compromise any iPhone, irrespective of its firmware version. But this Apple enthusiast cum hacker (HD Moore) is not much into those dirty tricks.

His recent release of AppSnapp, a patch which allows an iPhone user to install unauthorized non-Apple products, has made people have second thoughts about Apple and its commitment to delivering a rock-solid architecture, be it the Mac, the iPod or the iPhone.

As an additional feature, unlike the previous versions, you don’t need a Mac or a PC to install AppSnapp. This Apple lover (or ..) has made it compulsory to use the iPhone/iPod’s built-in Safari web browser to install this patch.

This patch doesn’t break any other functionality, nor does it unlock the iPhone; rather, it helps Apple in one way by fixing the TIFF image-rendering bug, which was responsible for allowing the installation of previous versions of AppSnapp.

Hmmm, seriously, if I were Steve Jobs, I would be thinking of employing this guy. :)

Credits: [pcworld]