Tag Archives: php

Why mysql_real_escape_string() isn’t enough to stop SQL injection attacks!

We have all been there: writing PHP code and trusting mysql_real_escape_string(). Alas, it seems it is not enough. Let us look at the example below:

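As you can see above, simply using mysql_real_escape_string() is not enough, because the output in the end is still “0; Delete from users”. The input contains no quote or backslash for the function to escape, so it passes through untouched.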

However, don’t fret, dear reader, because there is a solution! Make sure that $id is indeed only a number! This can be done by simply using the code below:

This way anything that is not a number simply won’t be passed on to the system. Now a question may arise: how do you make sure you don’t get injected if the parameter is in fact a string? My answer is simple: USE THE FRICKEN SQL QUOTES! Like below:

The quotes will allow some protection.
I hope this helps you all! And please don’t tell newbies that mysql_real_escape_string() is enough! IT IS NOT!
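
The three cases described in this post, as an added example that is not the post's original code. `escape_like_mysql()` is a hypothetical stand-in for mysql_real_escape_string() so the script runs without a database; the `id` and `name` columns and the sample inputs are assumptions.

```php
<?php
// Hypothetical stand-in for mysql_real_escape_string(), which needs a live
// connection and no longer exists in PHP 7+. It backslash-escapes the same
// bytes: NUL, \n, \r, \, ', " and Ctrl-Z. Everything else passes through.
function escape_like_mysql(string $s): string
{
    return strtr($s, [
        "\\" => "\\\\", "\x00" => "\\0", "\n" => "\\n", "\r" => "\\r",
        "'" => "\\'", '"' => '\\"', "\x1a" => "\\Z",
    ]);
}

// Case 1: escaped but NOT quoted. The value sits in a numeric context,
// so there is no string literal for the escaping to protect.
function query_unquoted(string $id): string
{
    return "SELECT * FROM users WHERE id = " . escape_like_mysql($id);
}

// Case 2: accept the value only if it consists of digits, then cast it.
// Returns null when the input is rejected.
function query_numeric(string $id): ?string
{
    if (!ctype_digit($id)) {
        return null;
    }
    return "SELECT * FROM users WHERE id = " . (int) $id;
}

// Case 3: a string parameter, escaped AND wrapped in SQL quotes, so an
// embedded quote becomes \' and the value stays inside the literal.
function query_quoted(string $name): string
{
    return "SELECT * FROM users WHERE name = '" . escape_like_mysql($name) . "'";
}

$payload = "0; DELETE FROM users";             // constructed input, the string from the post
echo query_unquoted($payload), "\n";           // second statement survives the escaping
var_dump(query_numeric($payload));             // rejected: not all digits
echo query_numeric("42"), "\n";                // plain number is accepted
echo query_quoted("0'; DELETE FROM users"), "\n"; // quote is escaped, stays one literal
```

Prepared statements with bound parameters (PDO or mysqli) remove the need for either check by keeping the data out of the SQL text altogether.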

From the beginning please

Hi there. Summer over and so is my work with the company RENKO ITH.  IHR. LTD. STI.. Worked for peanuts doing lots. Proud of it. Paid my school tuition with the peanuts. I think this makes my school a three ring circus :D.

Work was good and honest in RENKO. I wore three hats at all times ;


Knowing when to fold ( i.e. SSH is better than Telnet )

You have probably seen my previous post on connecting to Telnet through PHP. Although it was a novel idea, I have just learned (from a Novell site. No pun intended.) that Telnet is very insecure!! To make things clearer, Telnet usually creates connections as below:

[Figure: Telnet client-server connection, unencrypted]

Up here you can see that a hacker can sniff the client-server connection and actually steal the user name and password sent by the client. This really won’t do, since if someone can spoof/hack/attack our embedded system, which we will be adding to home appliances, things may go awry, i.e. you will start seeing automated vacuum cleaners attacking your cat. (Statistics show that H4X0Rz hate cats.)

Hence we can clearly see that we need another way for the server and client to talk to each other. After some short Googling I am thinking of using SSH, which is native to Linux/Unix based systems. The connection will then be as below:

[Figure: SSH client-server connection, encrypted]

As you can see, the SSH encryption creates a safer environment for the client and the server, plus any DNS attacks and eavesdropping are clearly impossible (if not probable).

Henceforth a new PHP and Python (this time I will write the server+client in Python) shall be written. Please expect updates.