Solved

MY SQL Code Injection through Site Admin Query

Posted on 2011-02-17
Last Modified: 2012-05-11
What can we do to stop code injection in a MySQL database? We have done everything that comes up in a Google search, but things keep coming up.

I need a foolproof solution to this.


Question by: citadelind

17 Comments

Author Comment

by: citadelind
ID: 34923297
I need an example with code.
 
Expert Comment

by: Kalpesh Chhatrala
ID: 34923362
 
Accepted Solution

by: VanHackman (earned 50 total points)
ID: 34923530
There isn't a magic formula to go over this...

Using the PHP filter_var() function with the proper sanitize filters should be enough:

http://php.net/manual/en/function.filter-var.php
http://php.net/manual/en/filter.filters.sanitize.php

If you need an example with code, you can get it here:

http://net.tutsplus.com/tutorials/php/sanitize-and-validate-data-with-php-filters/

In that post, you will find all that you need to prevent this sort of security issue.

You just need to be able to use the knowledge properly.

Kind Regards,
Oxygen+ Team
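As an added example (not code from the thread or from the tutorial linked above), here is the shape of a "site admin" query that is open to injection, next to a version that first validates the input with filter_var() as the answer suggests and then hands it to MySQL as a bound parameter of a prepared statement, so the value is never parsed as SQL. The table admin_pages, its columns id and title, and the connection details are assumed for illustration only.

```php
<?php
// Added example, not from the original thread.
// Table/column names (admin_pages, id, title) are assumed for illustration.

// --- Vulnerable: the request value is concatenated into the SQL text, so
// anything that is not a plain number is read by MySQL as SQL, not as data.
function loadPageVulnerable(mysqli $db, string $pageId): ?array
{
    $sql = "SELECT id, title FROM admin_pages WHERE id = " . $pageId;
    $result = $db->query($sql);
    return $result ? $result->fetch_assoc() : null;
}

// --- Hardened: validate the type (the filter_var() step from the answer),
// then bind the value as a parameter so it can never change the query.
function loadPageSafe(mysqli $db, string $pageId): ?array
{
    // FILTER_VALIDATE_INT returns false for anything that is not an integer
    // (and here for anything below 1), so bad input is rejected before SQL runs.
    $id = filter_var($pageId, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($id === false) {
        return null;
    }

    // Prepared statement: the query text goes to MySQL without the value;
    // the value is sent separately and bound as an integer ('i').
    $stmt = $db->prepare('SELECT id, title FROM admin_pages WHERE id = ?');
    $stmt->bind_param('i', $id);
    $stmt->execute();
    $row = $stmt->get_result()->fetch_assoc();   // get_result() needs mysqlnd
    $stmt->close();
    return $row ?: null;
}

// Same pattern for a free-text field, where type validation alone cannot help:
// the string is bound ('s'); it is never escaped by hand or concatenated.
function findPagesByTitle(mysqli $db, string $search): array
{
    $stmt = $db->prepare('SELECT id, title FROM admin_pages WHERE title LIKE ?');
    // A '%' or '_' inside $search still acts as a LIKE wildcard, but the
    // bound value can never break out of the string into SQL syntax.
    $like = '%' . $search . '%';
    $stmt->bind_param('s', $like);
    $stmt->execute();
    $rows = $stmt->get_result()->fetch_all(MYSQLI_ASSOC);
    $stmt->close();
    return $rows;
}

// Usage (host, user, password and database are placeholders):
// mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
// $db = new mysqli('localhost', 'cms_app', 'PASSWORD_PLACEHOLDER', 'cms');
// var_dump(loadPageSafe($db, $_GET['id'] ?? ''));
// var_dump(findPagesByTitle($db, $_GET['q'] ?? ''));
```

The sanitize filters only strip or encode characters; it is the prepared statement that keeps client data out of the SQL grammar, which is why the hardened functions do both, and the same pattern has to be applied to every query that takes client input, not just the admin pages. The MySQL account the site connects with should also hold only the privileges those queries actually need.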
 
Expert Comment

by: Beverley Portlock
ID: 34924018
You have not given us any information to work with. What sort of software? What sort of server? Shared or dedicated? What is being injected? Your question is too vague; it's like saying "Doctor, I'm ill, make me better".

"I need full proof Solution to this"

You need more than a 50 point question in that case.
 

Author Comment

by: citadelind
ID: 34924696
Hi bportlock,

Windows server
MySQL Server 5
Dedicated server

We have all firewalls on and are using Norton Antivirus. We also used the code samples which were given above, but the site is still getting hacked.

Let me know if you need more info.
 
Expert Comment

by: Beverley Portlock
ID: 34924921
When you say "MY SQL Code Injection through Site Admin Query" what do you mean? What "site admin" are you talking about?
 

Author Comment

by: citadelind
ID: 34926109
I am talking about the CMS site admin, which is customized by our people.
 
Expert Comment

by: Beverley Portlock
ID: 34926150
"I am talking about CMS Site admin which is customized by our people. "

Yes - but *what* is it based on? osCommerce? Joomla? Mambo? WordPress? Zen Cart?
 
Expert Comment

by: VanHackman
ID: 34926157
And what do you mean by "we still getting SQL injections"? How do you know that?...
 

Author Comment

by: citadelind
ID: 34926183
As I told you, it's a customized one, not open source.
 

Author Comment

by: citadelind
ID: 34926189
Hi VanHackman,

All data has been erased and new data from the hackers has been injected; the site has had everything changed. That's how we know it.

As only data has been corrupted, it's SQL injection; our server is secure.
 
Expert Comment

by: VanHackman
ID: 34926301
@citadelind:

I should say that it will be better if you consider the possibility that the "hackers" have created some sort of back door into your system.

Because SQL injection 99.9% of the time doesn't allow attackers to erase or insert new data into the DB; it is used to GET data from the DB instead, and to make a privilege escalation into your system.

So if they keep erasing your data and adding their own, and if you are 100% sure that you have implemented the filter_var function in all the code parts which get data from clients (are you really sure?...)

I will bet that you have a different problem there than SQL injection, and that your server is not as "secure" as you thought.

Be aware of this...
 

Author Comment

by: citadelind
ID: 34926349
Did they create the back door on my local system, from where we upload things, or on the server?
 
Expert Comment

by: Ray Paseur
ID: 34926373
@citadelind, you need to hire a professional developer to help you with this. Information Technology Security is a full time, four year college major at the engineering school of the University of Maryland. Any answer you get from EE is likely to represent a rather tiny fragment of the course of study - which covers 1,000 days of homework. As Alexander Pope wrote, "A little learning is a dangerous thing."
 
Expert Comment

by: Beverley Portlock
ID: 34926682
"As i told Its customized one not open source"

Well, without source code there is not much we can do; we are not mind readers after all.....

You seem very convinced about the SQL injection, but have you considered XSS attacks? They are just as common, perhaps more so. Windows A/V products only detect about 80% of viruses and adware, so your server could be rootkitted and you'll never know.

The only safe option, in my opinion, is to repartition the drives, wipe everything clean and do a completely fresh reinstall. Do not restore data from backups unless you can filter it first - an infected backup is worse than pointless. Disable all PHP commands that allow execution of system commands and box everything in with open_basedir. If you were on Linux I would add setting user and group permissions.

Never assume that a severely infected machine is fixable. It is simply not worth the risk.
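As an added example (not from the thread), these are the php.ini settings behind the two hardening steps in the comment above: disabling the functions that hand a string to the operating system shell or spawn a process, and confining PHP's file access to the site's own directories with open_basedir. The open default is shown commented out beside the restricted form; the Windows paths are placeholders for the real site root and temp directory.

```ini
; Added example, not from the original thread. Paths are placeholders.

; Open (default) state: nothing is blocked and PHP may read or write any path
; the web server account can reach.
; disable_functions =
; open_basedir =

; Hardened: block the functions that run system commands or spawn processes.
; Any script (including one dropped by an intruder) calling them gets a fatal
; error instead of a shell.
disable_functions = exec,passthru,shell_exec,system,proc_open,popen,pcntl_exec

; Restrict file operations to the site root plus the directory PHP needs for
; uploads and sessions. On Windows the entries are separated by ';' (on Linux
; by ':'); any file access outside these trees fails.
open_basedir = "C:\inetpub\wwwroot\cms;C:\php\tmp"
upload_tmp_dir = "C:\php\tmp"
session.save_path = "C:\php\tmp"

; Not a fix on its own, but stops the server advertising its PHP version.
expose_php = Off
```

After changing php.ini the web server has to be restarted for the settings to take effect, and the site should be exercised end to end: a legitimate upload or include that reaches outside open_basedir will now fail loudly, which is the point, but it also shows where the application assumed broader access than it needs.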
 
Expert Comment

by: VanHackman
ID: 34929270
If you want to figure out quickly whether your system has a security hole, and in which section it is, Acunetix can help you:

http://www.acunetix.com/

Even with the free version, you can get to know which of the most common vulnerabilities your site has, like XSS, SQL injection and other vulnerabilities of the same kind, like badly configured file permissions.

Try the free version and scan your site. Even when it's not as accurate as a security expert, it could help to see if the vulnerabilities are actually present in your site; if so, Acunetix will also tell you in which specific sections of the site they are, and at that point you could think about hiring a professional to fix them, if you believe that you can't handle them on your own.

Hope this helps.

All the best!
VanHackman
 

Author Comment

by: citadelind
ID: 34958462
If I use a read-only user permission for the site connection, will the problem be solved?