Solved

MySQL Code Injection through Site Admin Query

Posted on 2011-02-17
17
696 Views
Last Modified: 2012-05-11
MySQL Code Injection through Site Admin Query.

What to do to stop code injection in a MySQL database? We have done all the things that come up on a Google search, but things keep coming up.

I need a foolproof solution to this.


0
Comment
Question by:citadelind
17 Comments
 

Author Comment

by:citadelind
ID: 34923297
I need an example with code.
0
 
LVL 16

Expert Comment

by:Kalpesh Chhatrala
ID: 34923362
0
 
LVL 11

Accepted Solution

by:
VanHackman earned 50 total points
ID: 34923530
There isn't a magic formula to get past this...

Using the PHP filter_var() function with the proper sanitize filters should be enough:

http://php.net/manual/en/function.filter-var.php
http://php.net/manual/en/filter.filters.sanitize.php

If you need an example with code, you can get it here:

http://net.tutsplus.com/tutorials/php/sanitize-and-validate-data-with-php-filters/

In that post, you will find all you need to prevent this sort of security issue.

You just need to be able to use the knowledge properly.

Kind Regards,
Oxygen+ Team
0
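An added example, not code from the thread or from the asker's CMS: the same page lookup written once with string concatenation and once with a PDO prepared statement, so you can watch the injection succeed against the first and fail against the second. It uses an in-memory SQLite database through PDO so it runs offline; the table, its rows and the attacker input are constructed for the example. Against MySQL only the DSN changes, and PDO::ATTR_EMULATE_PREPARES should be set to false so the server, not the client, handles the parameter.

```php
<?php
// Added example (not from the thread): the same lookup written two ways.
// In-memory SQLite via PDO so it runs offline; for MySQL use a DSN such as
// 'mysql:host=127.0.0.1;dbname=site' with a username and password.
declare(strict_types=1);

function makeDb(): PDO {
    $db = new PDO('sqlite::memory:');
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    // With pdo_mysql, emulated prepares interpolate values client-side.
    // Turn that off so the database receives a real server-side prepared statement.
    if ($db->getAttribute(PDO::ATTR_DRIVER_NAME) === 'mysql') {
        $db->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);
    }
    // Constructed sample data.
    $db->exec('CREATE TABLE pages (id INTEGER PRIMARY KEY, slug TEXT, body TEXT)');
    $db->exec("INSERT INTO pages (slug, body) VALUES ('home', 'Welcome'), ('contact', 'Email us')");
    return $db;
}

// VULNERABLE: the user-supplied value becomes part of the SQL text.
// The sanitize filters in filter_var() are built for HTML, e-mail and URL
// cleanup, not for SQL, so they do not make this safe.
function findPageUnsafe(PDO $db, string $slug): array {
    $sql = "SELECT id, slug FROM pages WHERE slug = '" . $slug . "'";
    return $db->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// SAFE: the SQL text is fixed; the value travels separately as a bound
// parameter and can never change the shape of the statement.
function findPageSafe(PDO $db, string $slug): array {
    $stmt = $db->prepare('SELECT id, slug FROM pages WHERE slug = :slug');
    $stmt->execute([':slug' => $slug]);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Validation still has a place: reject input that is not shaped like a slug
// before it reaches the database. This is in addition to binding, not instead of it.
function isValidSlug(string $slug): bool {
    return preg_match('/\A[a-z0-9-]{1,64}\z/', $slug) === 1;
}

$db = makeDb();
$attack = "x' OR '1'='1";   // constructed attacker input

printf("unsafe: %d rows\n", count(findPageUnsafe($db, $attack)));   // 2 rows: the OR clause matched every page
printf("safe:   %d rows\n", count(findPageSafe($db, $attack)));     // 0 rows: no slug equals that literal string
printf("valid:  %s\n", isValidSlug($attack) ? 'yes' : 'no');        // no: rejected before any query runs
```

The practical rule the example shows: every value that comes from a browser goes into the query as a bound parameter, and filter_var() or a regular expression is used only to decide whether the value is acceptable at all. Sanitizing and then concatenating still leaves the query text under the attacker's control.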
 
LVL 34

Expert Comment

by:Beverley Portlock
ID: 34924018
You have not given us any information to work with. What sort of software? What sort of server? Shared or dedicated? What is being injected? Your question is too vague, it's like saying "Doctor I'm ill, make me better".

"I need full proof Solution to this"

You need more than a 50 point question in that case.
0
 

Author Comment

by:citadelind
ID: 34924696
Hi bportlock,

Windows Server
MySQL Server 5
Dedicated server

We have all firewalls on and are using Norton Antivirus. We also used the code samples given above, but the site is still getting hacked.

Let me know if you need more info.

0
 
LVL 34

Expert Comment

by:Beverley Portlock
ID: 34924921
When you say "MY SQL Code Injection through Site Admin Query" what do you mean? What "site admin" are you talking about?
0
 

Author Comment

by:citadelind
ID: 34926109
I am talking about a CMS site admin which was customized by our people.
0
 
LVL 34

Expert Comment

by:Beverley Portlock
ID: 34926150
"I am talking about CMS Site admin which is customized by our people. "

Yes - but *what* is it based on? osCommerce? Joomla? Mambo? WordPress? Zen Cart?
0
 
LVL 11

Expert Comment

by:VanHackman
ID: 34926157
And what do you mean by "we are still getting SQL injections"? How do you know that?...
0
 

Author Comment

by:citadelind
ID: 34926183
As I told you, it's a customized one, not open source.
0
 

Author Comment

by:citadelind
ID: 34926189
Hi VanHackman,

All the data has been erased and the hackers' new data has been injected; the site has had everything changed. That's how we know it.

As only the data has been corrupted, it's SQL injection; our server is secure.
0
 
LVL 11

Expert Comment

by:VanHackman
ID: 34926301
@citadelind:

I should say that it will be better if you consider the possibility that the "hackers" have created some sort of back door into your system.

Because SQL injection, 99.9% of the time, doesn't allow attackers to erase or insert new data into the DB; it is used to GET data from the DB instead, and to make a privilege escalation into your system.

So if they keep erasing your data and adding their own, and if you are 100% sure that you have implemented the filter_var function in all the code parts which get data from clients (are you really sure?...),

I will bet that you have a different problem there than SQL injection, and that your server is not as "secure" as you thought.

Be aware of this...

0
 

Author Comment

by:citadelind
ID: 34926349
Did they create the back door on my local system, from which we upload things, or on the server?
0
 
LVL 110

Expert Comment

by:Ray Paseur
ID: 34926373
@citadelind, you need to hire a professional developer to help you with this.  Information Technology Security is a full time, four year college major at the engineering school of the University of Maryland.  Any answer you get from EE is likely to represent a rather tiny fragment of the course of study - which covers 1,000 days of homework.  As Alexander Pope wrote, "A little learning is a dangerous thing."
0
 
LVL 34

Expert Comment

by:Beverley Portlock
ID: 34926682
"As i told Its customized one not open source"

Well, without source code there is not much we can do; we are not mind readers, after all.....

You seem very convinced about the SQL injection, but have you considered XSS attacks? They are just as common, perhaps more so. Windows A/V products only detect about 80% of viruses and adware, so your server could be rootkitted and you'd never know.

The only safe option, in my opinion, is to repartition the drives, wipe everything clean and do a completely fresh reinstall. Do not restore data from backups unless you can filter it first - an infected backup is worse than pointless. Disable all PHP commands that allow execution of system commands and box everything in with open_basedir. If you were on Linux I would add setting user and group permissions.

Never assume that a severely infected machine is fixable. It is simply not worth the risk.
0
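An added example, not from the thread, that checks whether the php.ini hardening bportlock describes is actually in effect on the rebuilt server: shell-execution functions removed with disable_functions and file access confined with open_basedir. It goes slightly beyond the comment by also checking allow_url_include and display_errors, which matter in the same situation (remote file inclusion, and SQL error text leaking to the browser). The list of functions checked and the php.ini values in the trailing comment are this example's own choices; the directive names are real PHP settings.

```php
<?php
// Added example (not from the thread): self-check for PHP runtime hardening.
// Run it with the same php.ini the web server uses, e.g.
//   php -c C:\php\php.ini harden-check.php
declare(strict_types=1);

// Functions that hand a compromised script a shell. This list is the
// example's own choice; extend it to match your threat model.
const SHELL_FUNCTIONS = ['exec', 'shell_exec', 'system', 'passthru', 'proc_open', 'popen', 'pcntl_exec'];

/** Returns a list of findings; an empty array means every check passed. */
function auditPhpHardening(): array {
    $findings = [];

    // 1. function_exists() is false for anything listed in disable_functions,
    //    so this reports the effective state rather than the raw ini text.
    foreach (SHELL_FUNCTIONS as $fn) {
        if (function_exists($fn)) {
            $findings[] = "$fn is callable; add it to disable_functions";
        }
    }

    // 2. open_basedir confines file reads, writes and includes to the listed
    //    paths; empty means a compromised script can read anything the web user can.
    if ((string) ini_get('open_basedir') === '') {
        $findings[] = 'open_basedir is not set';
    }

    // 3. Remote file inclusion through include/require needs allow_url_include.
    if (filter_var(ini_get('allow_url_include'), FILTER_VALIDATE_BOOLEAN)) {
        $findings[] = 'allow_url_include is on';
    }

    // 4. Verbose errors on a production site hand attackers query text and file paths.
    if (filter_var(ini_get('display_errors'), FILTER_VALIDATE_BOOLEAN)) {
        $findings[] = 'display_errors is on; set display_errors=Off and log_errors=On';
    }

    return $findings;
}

$findings = auditPhpHardening();
if ($findings === []) {
    echo "OK: no findings\n";
} else {
    foreach ($findings as $f) {
        echo "WARN: $f\n";
    }
}

/*
 Corrected php.ini settings the checks above correspond to (paths are placeholders):
   disable_functions = exec,shell_exec,system,passthru,proc_open,popen,pcntl_exec
   open_basedir = C:\inetpub\site\;C:\Windows\Temp\   ; Linux: /var/www/site/:/tmp/
   allow_url_include = Off
   display_errors = Off
   log_errors = On
*/
```

Note that the CLI SAPI often reads a different php.ini than the web server module; `php --ini` shows which file it loaded, and the check is only meaningful when run against the web server's configuration.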
 
LVL 11

Expert Comment

by:VanHackman
ID: 34929270
If you want to figure out quickly whether your system has a security hole, and in which section it is, Acunetix can help you:

http://www.acunetix.com/

Even with the free version, you can find out which of the most common vulnerabilities your site has, like XSS, SQL injection and other vulnerabilities of the same kind, like badly configured file permissions.

Try the free version and scan your site. Even though it's not as accurate as a security expert, it could help you see whether the vulnerabilities are actually present on your site; if so, Acunetix will also tell you in which specific sections of the site they are, and at that point you could think about hiring a professional to fix them, if you believe you can't handle them on your own.

Hope this helps.

All the Best!,
VanHackman
0
 

Author Comment

by:citadelind
ID: 34958462
If I use read-only user permissions for the site connection, will the problem be solved?
0
