MySQL Code Injection through Site Admin Query

Posted on 2011-02-17
Last Modified: 2012-05-11
What can we do to stop code injection in a MySQL database? We have done all the things that come up in a Google search, but it keeps happening.

I need a foolproof solution to this.


Question by: citadelind
Author Comment

by:citadelind
ID: 34923297
I need an example with code.

Accepted Solution

by:
VanHackman earned 200 total points
ID: 34923530
There isn't a magic formula for this...

Using the PHP filter_var() function with the proper sanitize filters should be enough:

http://php.net/manual/en/function.filter-var.php
http://php.net/manual/en/filter.filters.sanitize.php

If you need an example with code, you could get it here:

http://net.tutsplus.com/tutorials/php/sanitize-and-validate-data-with-php-filters/

In that post, you will find all that you need to prevent this sort of security issue.

You just need to be able to use the knowledge properly.

Kind Regards,
Oxygen+ Team
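The accepted answer points at filter_var() without showing how the filtered value reaches MySQL, which is where injection actually happens. The following is an added example, not code from the thread or from the asker's CMS: it puts the sanitize-then-concatenate pattern next to a validate-then-bind prepared statement so the difference is visible on a concrete input. The table, rows and the attacker string are constructed for the demo, and an in-memory SQLite database stands in for MySQL so the script runs offline; the PDO calls are identical for the mysql driver apart from the DSN.

```php
<?php
// Added example (not from the thread). SQLite via PDO stands in for MySQL so this runs
// offline; with MySQL only the DSN changes, e.g. "mysql:host=127.0.0.1;dbname=cms", and
// you would also set PDO::ATTR_EMULATE_PREPARES to false so the server binds the values.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

// Constructed sample data: one public page and one unpublished draft.
$db->exec("CREATE TABLE pages (id INTEGER PRIMARY KEY, slug TEXT, body TEXT, published INTEGER)");
$db->exec("INSERT INTO pages (id, slug, body, published) VALUES
           (1, 'home', 'Welcome', 1),
           (2, 'pricing-draft', 'Unreleased prices', 0)");

// 1. Sanitize, then concatenate, as the accepted answer suggests. FILTER_SANITIZE_SPECIAL_CHARS
//    HTML-encodes ' " < > & but leaves digits, spaces and '=' alone, so in an unquoted numeric
//    position the attacker's text reaches the SQL parser unchanged.
function pageSlugsSanitized(PDO $db, string $id): array
{
    $clean = filter_var($id, FILTER_SANITIZE_SPECIAL_CHARS);
    $sql = "SELECT slug FROM pages WHERE published = 1 AND id = $clean";
    return $db->query($sql)->fetchAll(PDO::FETCH_COLUMN);
}

// 2. Validate, then bind. The value travels separately from the SQL text, so it cannot change
//    the shape of the query; FILTER_VALIDATE_INT rejects anything that is not an integer.
function pageSlugsPrepared(PDO $db, string $id): array
{
    $int = filter_var($id, FILTER_VALIDATE_INT);
    if ($int === false) {
        return [];
    }
    $stmt = $db->prepare("SELECT slug FROM pages WHERE published = 1 AND id = :id");
    $stmt->execute([':id' => $int]);
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

// 3. In a quoted string position the same filter happens to neutralise a single quote, but only
//    by rewriting the stored data: it is an HTML output encoder, not SQL escaping.
function storeBodySanitized(PDO $db, string $body): string
{
    $clean = filter_var($body, FILTER_SANITIZE_SPECIAL_CHARS);
    $db->exec("UPDATE pages SET body = '$clean' WHERE id = 1");
    return (string) $db->query("SELECT body FROM pages WHERE id = 1")->fetchColumn();
}

$attack = '1 OR 1=1';   // constructed attacker input, as it would arrive in ?id=...
print_r(pageSlugsSanitized($db, $attack));
print_r(pageSlugsPrepared($db, $attack));
print_r(pageSlugsPrepared($db, '1'));
print_r(storeBodySanitized($db, "O'Brien's page"));
```

Run with `php example.php`. The first call returns both slugs, the unpublished draft included, because the filter left `1 OR 1=1` intact and the WHERE clause became `published = 1 AND id = 1 OR 1=1`. The prepared version returns nothing for the attack string and only `home` for a real id. The last call stores `O&#39;Brien&#39;s page`, which is why sanitize filters belong at the HTML output layer and parameter binding belongs at the database layer.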
 

Expert Comment

by:Beverley Portlock
ID: 34924018
You have not given us any information to work with. What sort of software? What sort of server? Shared or dedicated? What is being injected? Your question is too vague, it's like saying "Doctor I'm ill, make me better".

"I need a foolproof solution to this"

You need more than a 50 point question in that case.
 

Author Comment

by:citadelind
ID: 34924696
Hi bportlock,

Windows server
MySQL Server 5
Dedicated server

We have all firewalls on and are using Norton Antivirus. We also used the code samples given above, but the site is still getting hacked.

Let me know if you need more info.
 

Expert Comment

by:Beverley Portlock
ID: 34924921
When you say "MY SQL Code Injection through Site Admin Query" what do you mean? What "site admin" are you talking about?
 

Author Comment

by:citadelind
ID: 34926109
I am talking about the CMS site admin, which is customized by our people.
 

Expert Comment

by:Beverley Portlock
ID: 34926150
"I am talking about the CMS site admin, which is customized by our people."

Yes - but *what* is it based on? osCommerce? Joomla? Mambo? WordPress? Zen Cart?
 

Expert Comment

by:VanHackman
ID: 34926157
And what do you mean by "we are still getting SQL injections"? How do you know that?...
 

Author Comment

by:citadelind
ID: 34926183
As I told you, it's a customized one, not open source.
 

Author Comment

by:citadelind
ID: 34926189
Hi VanHackman,

All data has been erased and new data from the hackers has been injected; everything on the site has been changed. That's how we know it.

As only the data has been corrupted, it's SQL injection; our server is secure.
 

Expert Comment

by:VanHackman
ID: 34926301
@citadelind:

I should say that it would be better if you considered the possibility that the "hackers" have created some sort of back door into your system.

Because SQL injection 99.9% of the time doesn't allow attackers to erase or insert new data in the DB; it is used to GET data from the DB instead, and to make a privilege escalation into your system.

So if they keep erasing your data and adding their own, and if you are 100% sure that you have implemented the filter_var function in all the code parts which get data from clients (are you really sure?...)

I will bet that you have a different problem there than SQL injection, and that your server is not as "secure" as you thought.

Be aware of this...
 

Author Comment

by:citadelind
ID: 34926349
Did they create the back door on my local system, from where we upload things, or on the server?
 

Expert Comment

by:Ray Paseur
ID: 34926373
@citadelind, you need to hire a professional developer to help you with this. Information Technology Security is a full-time, four-year college major at the engineering school of the University of Maryland. Any answer you get from EE is likely to represent a rather tiny fragment of the course of study, which covers 1,000 days of homework. As Alexander Pope wrote, "A little learning is a dangerous thing."
 

Expert Comment

by:Beverley Portlock
ID: 34926682
"As i told Its customized one not open source"

Well, without source code there is not much we can do; we are not mind readers after all.....

You seem very convinced about the SQL injection, but have you considered XSS attacks? They are just as common, perhaps more so. Windows A/V products only detect about 80% of viruses and adware, so your server could be rootkitted and you'll never know.

The only safe option, in my opinion, is to repartition the drives, wipe everything clean and do a completely fresh reinstall. Do not restore data from backups unless you can filter it first - an infected backup is worse than pointless. Disable all PHP commands that allow execution of system commands and box everything in with open_basedir. If you were on Linux I would add setting user and group permissions.

Never assume that a severely infected machine is fixable. It is simply not worth the risk.
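As an added illustration of the two php.ini directives named in the comment above (this is not configuration from the thread; the directory paths are placeholders for the host's own document root and temp directory):

```ini
; Added example, not from the thread. Paths are placeholders for this host.
; Block the PHP functions that run operating-system commands, so a script an
; attacker manages to upload cannot shell out from the web server process.
disable_functions = exec,passthru,shell_exec,system,proc_open,popen
; Confine PHP file access to the site's own directories. Entries are separated
; by ";" on Windows (":" on Linux); include the temp directory PHP needs for uploads.
open_basedir = "C:\inetpub\wwwroot\site;C:\Windows\Temp"
```

Both directives take effect only after the web server or PHP process is restarted, and open_basedir must also cover any directory the CMS legitimately writes to, or uploads and caching will start failing.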
 

Expert Comment

by:VanHackman
ID: 34929270
If you want to figure out quickly whether your system has a security hole, and in which section it is, Acunetix can help you:

http://www.acunetix.com/

Even with the free version, you can get to know which of the most common vulnerabilities your site has, like XSS, SQL injection and other vulnerabilities of the same kind, such as badly configured file permissions.

Try the free version and scan your site. Even though it's not as accurate as a security expert, it could help to see if the vulnerabilities are actually present on your site. If so, Acunetix will also tell you in which specific sections of the site they are, and at that point you could think about hiring a professional to fix them, if you believe that you can't handle them on your own.

Hope this helps.

All the best!,
VanHackman
 

Author Comment

by:citadelind
ID: 34958462
If I use a read-only user permission for the site connection, will the problem be solved?
