Results 1 to 3 of 3
  1. #1
    Join Date
    Dec 2007
    Posts
    21

    Unanswered: SQL injections into a login script

    i was trying to inject some SQL to get a false login in one of my scripts. since i am no PRO in all this scripting i would like to consult some of you.

    thanks in advance. thats my script:

    Code:
    username = request.QueryString("username")
    password = MD5("kam" & request.QueryString("password"))
    
    Dim userinfo
    Set userinfo = Server.CreateObject("ADODB.Recordset")
    	userinfo.ActiveConnection = MM_KerenDB_STRING
    	userinfo.Source = "SELECT * FROM KAMUsers WHERE username = '" & username & "' AND password='" & password & "'"
    	userinfo.CursorType = 0
    	userinfo.CursorLocation = 2
    	userinfo.LockType = 1
    	userinfo.Open()
    
    if (NOT (userinfo.EOF AND userinfo.BOF)) then
     session("userlevel") = userinfo.fields.item("ulevel").value
     session("username") = userinfo.fields.item("username").value
     session("userid") = userinfo.fields.item("ID").value
     response.Redirect("news.asp")
    else
     response.Redirect("login.asp?error=2") 
    end if
     
    userinfo.Close()
    Set userinfo = Nothing
    i am not sure if you understand the login method so i'll explain it. you enter a username and password. a username can be used only by one user. password is being md5ed with some string. than it looks for it in the users DB. since it will find only one or none record, if it finds one than its a user with a correct pass. else, oops, try again.

    i know SELECT * is not good...

  2. #2
    Join Date
    Mar 2003
    Location
    The Bottom of The Barrel
    Posts
    6,102
    Provided Answers: 1
    look up "prepared statements".
    oh yeah... documentation... I have heard of that.

    *** What Do You Want In The MS Access Forum? ***

  3. #3
    Join Date
    Jan 2005
    Posts
    362
    look at this

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •