Some odd security results


KevinM1

I tested the admin login form of a site I'm currently building with the SQLInjectMe extension for Firefox. It claims I have 51 failures, all of which are a 500 internal server error. Testing the form itself with some of the test strings it used fails to bring up the 500 error, and instead shows my error message, which is the behavior it should be exhibiting.

 

Should I be concerned about these errors?  I can't reproduce them myself through the form.


While it might not be a security issue, that something could submit data and get a 500 error means that a legitimate visitor could do so as well. Just from a functional standpoint, I would want to know why I was getting a 500 error on a page(s).

 

Any chance you have any trigger_error('...',E_USER_ERROR) in your code?

Hmm...

 

I'm using the Kohana framework, so there could be a trigger_error call somewhere in the bowels of the system that's causing it.  I looked over my code in the controller a few times, just to double-check what I've done.  For this particular login form I -

 

Only allow alphanumeric characters via RegEx

Use Kohana's MySQLi driver, which automatically uses prepared statements

 

I'm not sure what else I can/should do.


What I'm getting at is the 500 error means that an incomplete (or no) response was sent back due to the HTTP request.

From a PHP standpoint, that usually happens when there is a fatal runtime error, which using E_USER_ERROR (with error_reporting/display_errors set to prevent any output) or an empty die/exit statement would cause.

Kohana's own error reporting generates a runtime error screen with a stack trace upon application runtime error while in testing mode. However, when a caught error condition occurs, I also use a header redirect to my own, user-friendly error screen, followed by an empty exit() statement. Since when I test the form with the same strings as SQL Inject Me uses I get my own error screen, I'm guessing it's my own exit() call that's doing it.
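
One way to find out what the requests behind a 500 that cannot be reproduced through the form looked like, as an added example that is not part of the thread or of Kohana: a shutdown handler that logs any fatal error together with the submitted field names and types, plus an allow-list check that tolerates a missing or array-valued field. The field name `username` and the 32-character limit are assumptions.

```php
<?php
declare(strict_types=1);

// Added example, not from the thread. Field name "username" and the
// 32-character limit are assumptions; adjust to the real form.
ini_set('display_errors', '0'); // visitors never see error details
ini_set('log_errors', '1');     // details go to PHP's configured error log

// Runs at the end of every request, including ones killed by a fatal error,
// so a 500 that only a scanner triggers still leaves a trace.
// Assumes no framework error handler has already swallowed the error.
register_shutdown_function(function (): void {
    $err = error_get_last();
    $fatal = [E_ERROR, E_PARSE, E_CORE_ERROR, E_COMPILE_ERROR, E_USER_ERROR];
    if ($err === null || !in_array($err['type'], $fatal, true)) {
        return; // normal exit, including a deliberate exit() after a redirect
    }
    // Log the shape of the request (field names and types), never the values:
    // a login POST contains a password.
    $shape = [];
    foreach ($_POST as $name => $value) {
        $shape[] = $name . ':' . gettype($value);
    }
    error_log(sprintf(
        'fatal "%s" at %s:%d method=%s fields=[%s]',
        $err['message'], $err['file'], $err['line'],
        $_SERVER['REQUEST_METHOD'] ?? 'cli', implode(',', $shape)
    ));
    if (!headers_sent()) {
        http_response_code(500);
    }
});

// Allow-list check that also survives input a browser form never sends:
// a missing field (null) or an array such as username[]=x.
function clean_username($raw): ?string
{
    if (!is_string($raw) || preg_match('/\A[A-Za-z0-9]{1,32}\z/', $raw) !== 1) {
        return null;
    }
    return $raw;
}

// Constructed samples: valid name, quote character, array, missing field.
if (PHP_SAPI === 'cli') {
    foreach (['admin01', "o'brien", ['x'], null] as $sample) {
        var_dump(clean_username($sample)); // caller shows its error page on null
    }
}
```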