Software Security Vulnerabilities



According to one recent study, the top three software security loopholes are mainly due to the following:
1. Cross-Site Scripting
2. SQL Injection
3. Malicious File Execution

SQL Injection

In this type of software vulnerability, attackers try to gain access to the application by injecting SQL code through user input.

Below is a simple example:
Let's say an application grants access by asking users to enter a user ID and password on its login screen.

But the application code is written in such a way (by concatenating user input strings) that it grants access based on the result of the SQL statement below, which it builds in the backend.

SELECT FIRST_NAME FROM USERS_TABLE WHERE USER_ID = ''' || user_id_input || ''' AND PASSWORD = ''' || password_input || ''';

Let's say USERS_TABLE in the database has the following data:

Users Table

| Row Number | First_Name | Last_Name | user_Id | password |
|------------|------------|-----------|---------|----------|
| 1          | Mike       | Tyson     | mike    | trickme  |

Now if Mike enters 'mike' as the user ID and 'trickme' as the password, he is allowed into the website, because the application generates the following statement and it retrieves his record from the database successfully:

SELECT FIRST_NAME FROM USERS_TABLE WHERE USER_ID='mike' AND PASSWORD='trickme';

Output from Database

| First_Name |
|------------|
| Mike       |

Now let's say an attacker wants to gain access to the website and enters:
User ID = ' or 1=1 and Rownum=1--
Password = ANY PASSWORD

The application then generates the following SQL statement, which executes successfully (surprisingly):
SELECT FIRST_NAME FROM USERS_TABLE WHERE USER_ID='' or 1=1 and Rownum=1--' AND PASSWORD='ANY PASSWORD';

Dissecting the above statement:
  1.    SELECT FIRST_NAME FROM USERS_TABLE WHERE USER_ID='' or 1=1
  2.    and Rownum=1
  3.    --' AND PASSWORD='ANY PASSWORD';

The first line gets the FIRST_NAME of the user whose USER_ID is empty, or of any other row.
The second line restricts the result to the first row.
The third line is commented out, so it is never executed.

Thus the attacker always gets the first row's FIRST_NAME from the database and so gains entry to the website.
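The login check above, rebuilt as an added example (not code from the original post) in Python with an in-memory SQLite database: the concatenated query accepts the input shown above, while the same query with bound parameters rejects it. SQLite has no ROWNUM, so its rowid stands in for it; the function names and the constructed table are assumptions of this example.

```python
import sqlite3


def make_db():
    """In-memory copy of the page's USERS_TABLE (constructed sample data).
    The plaintext password only mirrors the page; it is not a storage recommendation."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE USERS_TABLE "
               "(FIRST_NAME TEXT, LAST_NAME TEXT, USER_ID TEXT, PASSWORD TEXT)")
    db.execute("INSERT INTO USERS_TABLE VALUES ('Mike', 'Tyson', 'mike', 'trickme')")
    return db


def login_concatenated(db, user_id_input, password_input):
    """Vulnerable: user input becomes part of the SQL text, as in the page's statement."""
    sql = ("SELECT FIRST_NAME FROM USERS_TABLE WHERE USER_ID = '" + user_id_input
           + "' AND PASSWORD = '" + password_input + "'")
    row = db.execute(sql).fetchone()
    return row[0] if row else None


def login_parameterized(db, user_id_input, password_input):
    """Hardened: input is bound as data, so quotes and '--' are never parsed as SQL."""
    sql = "SELECT FIRST_NAME FROM USERS_TABLE WHERE USER_ID = ? AND PASSWORD = ?"
    row = db.execute(sql, (user_id_input, password_input)).fetchone()
    return row[0] if row else None


# The page's user-id input, with SQLite's rowid substituted for Oracle's ROWNUM.
PAGE_INPUT = "' or 1=1 and rowid=1--"

if __name__ == "__main__":
    db = make_db()
    cases = [("mike", "trickme"), ("mike", "wrong"), (PAGE_INPUT, "ANY PASSWORD")]
    for user_id, password in cases:
        print(repr(user_id),
              "| concatenated:", login_concatenated(db, user_id, password),
              "| parameterized:", login_parameterized(db, user_id, password))
```

With bound parameters the database looks for a user whose USER_ID is literally the whole input string, finds none, and the login fails.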
