I am building a very small website (with PHP) and I have 2 big issues
The first one is about my search form
I have build a really simple search form in order to retrieve my content, then I used an online security tool and show me that my search form was vulnerable to SQLi
I had no idea abut that so I started testing some attacks I found on some sites
As far as now only 'OR 'x'='x worked (it returns the entire content of my website, is this bad? How can an attacker hurt me?
The second issue is about my photos, I am using a folder called mywebsite.com/uploads/ to access my photos
Although /upload is protected the subfolders uploads/temp and uploads/thumbs are visible through the browser
May this be hurtful too?
Any advice?
I am building a very small website (with PHP) and I have 2 big
Share
SQL injection is really bad but i like it 🙂
there is many types of sql injection like
remote sql injecton
blind sql injection
auto bypass sql injection
its the easy way to get data from site hacker use it like coders
see this example
There is no security in my code
site.php?id=1
my query will execute like
if hacker he will kill your code
site.php?id=1(any thing here can make problem ex: ` ‘ a-z A-Z / * / ” )
Because query will be like this
so single quotaion will make error in your query
and hacker can attack like this
here your query will execute like
and this will work 🙂
blind sql injection
hacker cannot work with easy way remote sql injection
because it here depend on right and false
so he will use
andorlike this
if work fine the script will work good else error will happen
he can know database info like this
example admin table is
adminauto bypass
its blicd sql injection but only true condition can access to admin
hacker can login like this
user = anything’ or 1=1 —
so your query will be like
anything is error user in databse
but condition or 1=1 is true
— will ignore your password check
he can access easily
protect
folder premission you can use
empty index.html , index.php ,