Thank you for your links. I understand the nature of SQL injection and how
to safeguard against it using the common methods: string checking, type
checking, whitelisting, blacklisting, and the various mechanisms associated with the
database and database interactions.
What I'm looking for now is a safe way to scan sites for vulnerabilities,
just as those expensive tools do. This would help people who know very
little, or who are non-technicians: they can at least recognize that they
have a problem. I need to know how to perform a non-destructive check, and
to evaluate the success or failure of my non-destructive check. My purpose
here is to write some code and maybe even an open-source tool that people
could use to check sites for SQL injection vulnerabilities.
-KF
"Lau Lei Cheong" <le****@yehoo.com.hk> wrote in message
news:Ok**************@TK2MSFTNGP03.phx.gbl...
Some examples of SQL injection can be found here:
http://msdn.microsoft.com/msdnmag/is.../SQLInjection/
Anyway, if you follow the guidelines here
http://msdn2.microsoft.com/en-us/library/ms998271.aspx (such as using the
SqlParameter object to pass the parameters), your program should not be
vulnerable to common SQL injection.
<ke*****@nospam.nospam> wrote in message
news:%2****************@TK2MSFTNGP06.phx.gbl...
>There are assorted "SQL Injection vulnerability assessment tools" out
there. They scan your site and send you a report. They also take your
money.
We don't have the money so I was wondering if I could replicate the
tool's behavior myself. I am guessing that they work by attempting a
non-destructive injection attack against your DB and evaluating the
success or failure of that test.
I am curious if a) I'm correct about this, and b) if anyone could suggest
a starting point for a "safe" injection test and an evaluation of the
result using C# / ASP.NET.
Thanks,
-KF
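As an added example (not code from this thread), here is the SqlParameter approach Lau recommends, shown beside the string-concatenated form it replaces. The table and column names, the parameter size and the connection string are assumptions; a legitimate value containing an apostrophe is enough to show why the two forms differ.

```csharp
using System;
using System.Data;
using System.Data.SqlClient;

public static class UserLookup
{
    // Concatenated form: the caller's text becomes part of the SQL statement,
    // so the database cannot tell where the value ends and the query resumes.
    // An ordinary name such as O'Brien already yields a statement with broken quoting.
    public static string BuildConcatenatedSql(string userName)
    {
        return "SELECT UserId FROM Users WHERE UserName = '" + userName + "'";
    }

    // Parameterised form: the statement text is a constant and the value is sent
    // separately as a typed parameter, so quotes or comment markers in the input
    // remain data. Assumed schema: Users(UserId int, UserName nvarchar(64)).
    public static int? FindUserId(string connectionString, string userName)
    {
        const string sql = "SELECT UserId FROM Users WHERE UserName = @UserName";
        using (var conn = new SqlConnection(connectionString))
        using (var cmd = new SqlCommand(sql, conn))
        {
            SqlParameter p = cmd.Parameters.Add("@UserName", SqlDbType.NVarChar, 64);
            p.Value = userName;
            conn.Open();
            object result = cmd.ExecuteScalar();
            if (result == null || result == DBNull.Value)
                return null;
            return Convert.ToInt32(result);
        }
    }

    public static void Main()
    {
        // Show the statement the concatenated form would send for a name with an apostrophe.
        Console.WriteLine(BuildConcatenatedSql("O'Brien"));

        // Assumed connection string; the parameterised lookup handles the same input
        // without rewriting the statement.
        const string cs = "Server=(local);Database=AppDb;Integrated Security=true";
        int? id = FindUserId(cs, "O'Brien");
        Console.WriteLine(id.HasValue ? "UserId: " + id.Value : "no such user");
    }
}
```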