Solved

MySQL Code Injection through Site Admin Query

Posted on 2011-02-17
691 Views
Last Modified: 2012-05-11
MySQL code injection through site admin query.

What can we do to stop code injection in the MySQL database? We have done everything that comes up in a Google search, but things keep coming up.

I need a foolproof solution to this.


Question by:citadelind
17 Comments
 

Author Comment

by:citadelind
I need Example with code.
0
 
LVL 16

Expert Comment

by:Kalpesh Chhatrala
0
 
LVL 11

Accepted Solution

by:VanHackman (earned 50 total points)
There isn't a magic formula to go over this...

Using the PHP filter_var() function with the proper sanitize filters should be enough:

http://php.net/manual/en/function.filter-var.php
http://php.net/manual/en/filter.filters.sanitize.php

If you need an example with code, you could get it here:

http://net.tutsplus.com/tutorials/php/sanitize-and-validate-data-with-php-filters/

In that post, you will find all that you need to prevent this sort of security issue.

You just need to be able to use the knowledge properly.

Kind Regards,
Oxygen+ Team
0
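The accepted answer points at filter_var(); the following is an added example (not code from the thread, nor from the asker's CMS) of how the two halves fit together in an admin "edit page" handler. It goes slightly beyond the answer: filter_var() validates the shape of the input, but the query itself is protected by binding the values as parameters through PDO, so the data never becomes part of the SQL text. The table `pages`, the columns `id`/`title`/`body`, the DSN and the credentials are all assumptions for the sake of the example.

```php
<?php
// Added example, not code from the thread or the asker's CMS.
// Assumptions: a MySQL table `pages` (id, title, body) and an admin handler
// that receives id/title/body via POST. Connection details are placeholders.
declare(strict_types=1);

function connect(): PDO
{
    $dsn = 'mysql:host=127.0.0.1;dbname=cms;charset=utf8mb4'; // placeholder
    return new PDO($dsn, 'cms_app', 'PLACEHOLDER_PASSWORD', [
        PDO::ATTR_ERRMODE          => PDO::ERRMODE_EXCEPTION,
        PDO::ATTR_EMULATE_PREPARES => false, // real server-side prepared statements
    ]);
}

// Step 1: validate the input shape with filter_var and reject anything that does not fit.
function validateEditRequest(array $post): array
{
    $id = filter_var($post['id'] ?? null, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($id === false) {
        throw new InvalidArgumentException('id must be a positive integer');
    }
    $title = trim((string) ($post['title'] ?? ''));
    if ($title === '' || mb_strlen($title) > 200) {
        throw new InvalidArgumentException('title must be 1-200 characters');
    }
    $body = (string) ($post['body'] ?? '');
    return ['id' => $id, 'title' => $title, 'body' => $body];
}

// For contrast only: building the query from strings means a quote inside
// $title ends the literal and whatever follows is run as SQL. Do not use this.
function updatePageUnsafe(PDO $pdo, array $in): void
{
    $sql = "UPDATE pages SET title = '{$in['title']}', body = '{$in['body']}' WHERE id = {$in['id']}";
    $pdo->exec($sql);
}

// Step 2: bind the values as parameters; the SQL text is fixed, the data is sent separately.
function updatePageSafe(PDO $pdo, array $in): int
{
    $stmt = $pdo->prepare('UPDATE pages SET title = :title, body = :body WHERE id = :id');
    $stmt->bindValue(':title', $in['title'], PDO::PARAM_STR);
    $stmt->bindValue(':body',  $in['body'],  PDO::PARAM_STR);
    $stmt->bindValue(':id',    $in['id'],    PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->rowCount();
}

// Step 3: encode on output, so stored content cannot be rendered as markup or script.
function renderTitle(string $title): string
{
    return htmlspecialchars($title, ENT_QUOTES | ENT_HTML5, 'UTF-8');
}

// Usage sketch with constructed input containing a quote, which is harmless once bound.
$input = validateEditRequest(['id' => '7', 'title' => "O'Reilly's page", 'body' => 'hello']);
$pdo   = connect();
echo updatePageSafe($pdo, $input), " row(s) updated\n";
echo renderTitle($input['title']), "\n";
```

The split matters: validation (step 1) limits what the application accepts, parameter binding (step 2) is what actually keeps input out of the SQL, and output encoding (step 3) addresses the stored-XSS case that later comments in this thread raise. The account the site connects with (`cms_app` here, an assumed name) should hold only the table privileges the application needs.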
 
LVL 34

Expert Comment

by:Beverley Portlock
You have not given us any information to work with. What sort of software? What sort of server? Shared or dedicated? What is being injected? Your question is too vague, it's like saying "Doctor I'm ill, make me better".

"I need full proof Solution to this"

You need more than a 50 point question in that case.
0
 

Author Comment

by:citadelind
Hi bportlock,

Windows server
MySQL Server 5
Dedicated server

We have all firewalls on and are using Norton Antivirus. We also used the code samples which were given above, but the site is still getting hacked.

Let me know if you need more info.

0
 
LVL 34

Expert Comment

by:Beverley Portlock
When you say "MY SQL Code Injection through Site Admin Query" what do you mean? What "site admin" are you talking about?
0
 

Author Comment

by:citadelind
I am talking about the CMS site admin, which is customized by our people.
0
 
LVL 34

Expert Comment

by:Beverley Portlock
"I am talking about the CMS site admin, which is customized by our people."

Yes - but *what* is it based on? osCommerce? Joomla? Mambo? WordPress? Zen Cart?
0
 
LVL 11

Expert Comment

by:VanHackman
And what do you mean by "we still getting SQL injections"? How do you know that?...
0
 

Author Comment

by:citadelind
As I told you, it's a customized one, not open source.
</gml_replace>
<gr_replace lines="150-155" cat="clarify" orig="Comment Utility">
Hi VanHackman,

All data has been erased and the hackers' new data has been injected; the site has had everything changed. That's how we know it.

As only data has been corrupted, it's SQL injection; our server is secure.
0
 

Author Comment

by:citadelind
Comment Utility
hi VanHackman,

All data is been erased and new data of hackers have been injected site has all things changed thats how we know it.

As only data is been corrupted so its sql injection our server is secure.
0
 
LVL 11

Expert Comment

by:VanHackman
@citadelind:

I should say that it will be better if you consider the possibility that the "hackers" have created some sort of back door to your system.

Because SQL injection 99.9% of the time doesn't allow attackers to erase or insert new data into the DB; it is used to GET data from the DB instead, and to make a privilege escalation into your system.

So if they keep erasing your data and adding their own, and if you are 100% sure that you have implemented the filter_var function in all the code parts which get data from clients (are you really sure?...),

I will bet that you have a different problem there than a SQL injection, and that your server is not as "secure" as you have thought.

Be aware of this...

0
 

Author Comment

by:citadelind
Did they create the back door on my local system, from where we upload things, or on the server?
0
 
LVL 108

Expert Comment

by:Ray Paseur
@citadelind, you need to hire a professional developer to help you with this.  Information Technology Security is a full time, four year college major at the engineering school of the University of Maryland.  Any answer you get from EE is likely to represent a rather tiny fragment of the course of study - which covers 1,000 days of homework.  As Alexander Pope wrote, "A little learning is a dangerous thing."
0
 
LVL 34

Expert Comment

by:Beverley Portlock
"As I told you, it's a customized one, not open source."

Well, without source code there is not much we can do; we are not mind readers, after all.....

You seem very convinced about the SQL injection, but have you considered XSS attacks? They are just as common, perhaps more so. Windows A/V products only detect about 80% of viruses and adware, so your server could be rootkitted and you'll never know.

The only safe option, in my opinion, is to repartition the drives, wipe everything clean and do a completely fresh reinstall. Do not restore data from backups unless you can filter it first - an infected backup is worse than pointless. Disable all PHP commands that allow execution of system commands and box everything in with open_basedir. If you were on Linux I would add setting user and group permissions.

Never assume that a severely infected machine is fixable. It is simply not worth the risk.
0
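The two php.ini measures named in the comment above (disabling the system-command functions and confining PHP with open_basedir), written out as an added example for a Windows host like the asker's; this is not configuration from the thread, and the two directory paths are placeholders to be replaced with the real web root and a temp directory. On Windows the open_basedir list is separated with `;`.

```ini
; Added example of php.ini hardening; paths are placeholders.
; Block the functions that hand PHP a shell or a child process.
disable_functions = exec,passthru,shell_exec,system,proc_open,popen

; Confine file access to the web root and one temp directory (Windows uses ';').
open_basedir = "C:\inetpub\wwwroot\cms;C:\php\tmp"

; Keep error detail out of responses and in the log instead.
display_errors = Off
log_errors = On
expose_php = Off
```

After changing these, restart the web server and check `phpinfo()` (or `php -i`) from the server console, not from a public page, to confirm the values took effect; code that legitimately needs one of the disabled functions will fail loudly, which is the point.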
 
LVL 11

Expert Comment

by:VanHackman
If you want to figure out quickly whether your system has a security hole, and in which section it is, Acunetix can help you:

http://www.acunetix.com/

Even with the free version, you could get to know which of the most common vulnerabilities your site has, like XSS, SQL injection and other vulnerabilities of the same kind, like badly configured file permissions.

Try the free version and scan your site. Even though it's not as accurate as a security expert, it could help you see whether the vulnerabilities are actually present in your site; if so, Acunetix will also tell you in which specific sections of the site they are, and at that point you could think about hiring a professional to fix them, if you believe that you can't handle them on your own.

Hope this helps.

All the best!
VanHackman
0
 

Author Comment

by:citadelind
If I use read-only user permission for the site connection, will the problem be solved?
0
