Home/ Questions/Q 1078259
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-16T21:41:45+00:00

My co-worker is being unsafe with his code and is allowing a user to

  • 0

My co-worker is being unsafe with his code and is allowing a user to upload an SQL file to be run on the server.
He strips out any key words in the file such as "EXEC", "DROP", "UPDATE", "INSERT", "TRUNC"

I want to show him the error of his ways by exploiting his EXEC ( @sql )

My first attempt will be with 'EXEXECEC (N''SELECT ''You DRDROPOPped the ball Bob!'')'

But he might filter that all out in a loop.

Is there a way I can exploit my co-worker’s code? Or is filtering out the key words enough?

Edit: I got him to check in his code. If the code contains a keyword he does not execute it. I’m still trying to figure out how to exploit this using the binary conversion.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    1. Tell your co-worker he’s a moron.

    2. Do an obfuscated SQL query, something like:

      select @sql = 0x44524f5020426f627350616e7473

    This will need some tweaking depending on what the rest of the code looks like, but the idea is to encode your code in hex and execute it (or rather, let it be executed). There are other ways to obfuscate code to be injected.

    You’ve got a huge security hole there. And the funny part is, this is not even something that needs to be reinvented. The proper way to stop such things from happening is to create and use an account with the correct permissions (eg: can only perform select queries on tables x, y and z).

    • 0