-
Notifications
You must be signed in to change notification settings - Fork 3
Activity 5 Questions
Shannon McHale edited this page Nov 24, 2019
·
9 revisions
- Provide a link to the test cases you generated for this activity.
-
How would you fix your code so that these issues were no longer present?
- Create a variable instead of having the cursor.execute raw sql. This can be seen in our original code. Create a variable for the username so it is not put in the middle of two tick marks. That is one of the things that makes this code truly vulnerable. Revert back to the 'incorrect.html' page that gives the attacker no indication of if their username or password is incorrect. Do not send an error message to the wrongpassword.html page
-
What are the limitations, if any that, of the SQL Injection issues you’ve included?
- A malicious hacker would not be able to directly log in using OR '1'='1 . For blind injection, the hacker will not be able to see if their username or password is incorrect. Because incorrect.html is in effect. Pymysql is the main limitation. This Python3 library does not allow a user to submit multiple lines of SQL injection. The Python2 dictionary MySQL allowed this vulnerability to occur.
footer