
Security question, how can this be hacked?


phil88


Ok, thanks for the help. I shall try and incorporate that into what I already have.




I'm still questioning the security of sessions though, so if anyone can explain how secure they are, or point me towards an article or something it would be much appreciated.

What are you trying to develop? I am not sure who said it, but no matter what you do, if someone wants in they will get in.

Now the most common way to crack a site is by database insertion.

Here are two examples. These assume that you know the username and are trying to bypass the password.


[b]' OR 1=1#[/b]
An explanation of this example:

The first step was to add a single quote, followed by an OR 1=1 condition, which always returns true, and a hash mark (#), which represents an SQL comment making the rest of the statement irrelevant.

Another example:

[b]' OR ''='[/b]

This is basically the same, except that it is used for a different style of login script.

This is why I use [code=php:0]mysql_real_escape_string[/code].

Now as far as sessions go: if you are that worried about your site getting [b]cracked[/b] (there is a difference between a hacker and a cracker), then I would read up on sessions (maybe some kind of session_hash), cookies, and possibly recording the user's IP address.

Also, you might want to require a spam key; a lot of sites have them at their contact form. If you do all of this you still will not be totally secure, but like Bussiness man said (I think it was him), all you can do is your best and hope to god it is good enough.

Good luck,
Tom
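
Added example (not part of the original posts): the kind of login check the strings above are aimed at, next to a version that passes the username as a bound parameter and verifies the password against a stored hash. The table, column and function names are assumptions, and an in-memory SQLite database stands in for MySQL so the script runs offline; because `#` is a MySQL comment marker, the script uses the second string, which does not rely on a comment. The concatenated query accepts that string as a password, while the prepared version rejects it.

```php
<?php
// Added example: table, column and function names are assumptions.
// In-memory SQLite stands in for MySQL so the script runs offline.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (username TEXT PRIMARY KEY, pw_hash TEXT NOT NULL)');

// Constructed sample account; only a hash of the password is stored.
$ins = $db->prepare('INSERT INTO users (username, pw_hash) VALUES (?, ?)');
$ins->execute(['alice', password_hash('correct horse', PASSWORD_DEFAULT)]);

// BEFORE: input is pasted into the SQL text, so a quote in $pass
// changes the structure of the WHERE clause.
function login_concat(PDO $db, string $user, string $pass): bool
{
    $sql = "SELECT COUNT(*) FROM users "
         . "WHERE username = '$user' AND pw_hash = '$pass'";
    return (int) $db->query($sql)->fetchColumn() > 0;
}

// AFTER: the username travels as a bound parameter and is only ever
// compared as data; the password is checked in PHP against the hash.
function login_prepared(PDO $db, string $user, string $pass): bool
{
    $stmt = $db->prepare('SELECT pw_hash FROM users WHERE username = ?');
    $stmt->execute([$user]);
    $hash = $stmt->fetchColumn();   // false when no such user exists
    return is_string($hash) && password_verify($pass, $hash);
}

$payload = "' OR ''='";   // second string from the post above

$checks = [
    'concat,   string as password'  => login_concat($db, 'alice', $payload),
    'prepared, string as password'  => login_prepared($db, 'alice', $payload),
    'prepared, string in both'      => login_prepared($db, $payload, $payload),
    'prepared, real password'       => login_prepared($db, 'alice', 'correct horse'),
];
foreach ($checks as $label => $ok) {
    printf("%-30s %s\n", $label, $ok ? 'logged in' : 'rejected');
}
```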

Well, at the moment I'm not really developing anything specific, just making various scripts and seeing if I can get in using a web browser to places I shouldn't.


Is mysql_real_escape_string a surefire way of preventing all kinds of mysql injections?


Thanks for the tips about session_hash and spam keys, I shall have to read up on them as I've never heard of either of them :p *gets googling*


Edit: I just realised I do know what a spam key is, didn't realise that's what it was called though.

Edit 2: Is session hashing basically getting the session ID and something unique to the user's computer, like IP address, hashing them together, then storing that hash as a session variable, comparing it with a server-stored copy of that hash for that particular user, and if the hashes are different then it's been modified?