11:04 Very interesting version of antisqlinjection and xss | |
One of my very dear Mr Dan Kaminsky (Dan Kaminsky - known for the discovery of a fundamental vulnerability in the DNS) proposed a very interesting universal technique protect against SQL injection and XSS. The method is very simple and from that genius. The essence of technology comes down in a substitution in the SQL-queries for all data in base64-representation and thus no reason to use any or parsers / analyzers used in SQL-query data (placeholders, etc.) All of this we can roughly describe the type of line: «SELECT * from mytable where textfield = base64_decode ('Q29vbEhhY2tlcnM =')» where base64_decode - the function of decoding of base64, relalizuemaya specific database. In the absence of the user base64 special characters, and hence no threat to our request to make to its data will not be. No need to somehow escape or change the input data. Enough to encode them into base64 and send in the request. Technique is applicable also on the client side - if you need to remove the data in quotes eg in the event handler or in the js. Razkodirovka from base64 can be performed directly in the js when it is necessary to obtain the original data. From my point of view, the method is a genius. Shortcomings (in my opinion) two - increase memory for variables stored in this way will be 30% (a characteristic of a base-64 encoding), as well as increasing the load on the server because of the need to code input parameters (I think that can be ignored), and server load database because of the need razkodirvaniya (and it is something I think will not be ignored). However, to be precise - to do experiments, and may be among habrapolzovateley have knowledgeable people ready to share your opinion on this? Links: Dan Kaminsky base64 Dan Kaminsky of his method | |
|
Total comments: 0 | |