Session Cookie Based SQL Injection

Short Description: SQL injection is most dangerous attack for web application, there are a lot of different websites are vulnerable to SQL injection. There are different variant for SQL injection like a simple SQL injection, blind SQL injection and Cookies based SQL injection. As you know the basic idea about cookies and their importance, cookies are represent some session and normally they count in cross site scripting attack (XSS) but what is cookies based SQL injection. In this article we will discuss cookies or session based SQL injection attack. 

Did you say a “Cookie” 

A cookie, also known as an HTTP cookie, web cookie, or browser cookie, is used for an origin website to send state information to a user’s browser and for the browser to return the state information to the origin site. The state information can be used for authentication, identification of a user session, user’s preferences, shopping cart contents, or anything else that can be accomplished through storing text data.
Cookies are not software. They cannot be programmed, cannot carry viruses, and cannot install malware on the host computer. However, they can be used by spyware to track user’s browsing activities – a major privacy concern that prompted European and US law makers to take action. Cookies could also be stolen by hackers to gain access to a victim’s web account.[1]


Where can I find my cookies?


Here is one way to get your stored cookies using your browser. This method is applied for Mozilla Firefox:


  1. From the Tools menu, select Options. If the menu bar is hidden, press Alt to make it visible.

  2. At the top of the window that appears, click Privacy.

 4. To modify settings, from the drop-down menu under “History”, select Use custom settings for history. Then enable or disable the settings by checking or unchecking the boxes next to each setting:


  • To allow sites to set cookies on your computer, select Accept cookies from sites. To specify which sites are always or never allowed to use cookies, click Exceptions.
  • To accept third-party cookies, check Accept third-party cookies. In the drop-down menu next to “Keep until:”, select the time period you wish to keep cookies on your computer.
  • To view the cookies stored on your computer, click Show Cookies… . In the window that appears, you can view the cookies on your computer, search for cookies, and remove any or all of the listed cookies.
  • To specify how the browser should clear the private data it stores, check Clear history when Firefox closes. Then, click Settings… . You can specify the items to be cleared when you close Firefox.

  4. Click OK until you return to the Firefox window.

To remove all cookies, from the Tools menu, select Clear recent history… . Check the items you want to clear, and then click Clear Now.



Are you talking about a Cookie Poisoning-like attack?


Cookie Poisoning attacks involve the modification of the contents of a cookie (personal information stored in a Web user’s computer) in order to bypass security mechanisms. Using cookie poisoning attacks, attackers can gain unauthorized information about another user and steal their identity.
Cookie poisoning is a known technique mainly for achieving impersonation and breach of privacy through manipulation of session cookies, which maintain the identity of the client. By forging these cookies, an attacker can impersonate a valid client, and thus gain information and perform actions on behalf of the victim. The ability to forge such session cookies (or more generally, session tokens) stems from the fact that the tokens are not generated in a secure way.[4]
To sum up, cookie-based SQL Injection is far to be a kind of Cookie Poisoning.

Cookie variables as a vector of SQL Injections:


SQL injection overview

A SQL injection attack consists of insertion or “injection” of a SQL query via the input data from the client to the application. A successful SQL injection exploit can read sensitive data from the database, modify database data (Insert/Update/Delete), execute administration operations on the database (such as shutdown the DBMS), recover the content of a given file present on the DBMS file system and in some cases issue commands to the operating system. SQL injection attacks are a type of injection attack, in which SQL commands are injected into data-plane input in order to effect the execution of predefined SQL commands.
All data sent by the browser to a Web application, if used in a SQL query, can be manipulated in order to inject SQL code: GET and POST parameters, cookies and other HTTP headers. Some of these values ​​can be found in the environment variables. The GET and POST parameters are typically entered into HTML forms, they can contain hidden fields, i.e. information that is in form but not shown. GET parameters are contained in the URL and POST parameters are passed as HTTP content. Nowadays, and with the growth of Web 2.0 technologies, the GET and POST requests can also be generated by JavaScript.

Injecting malicious code in cookie:

Unlike other parameters, cookies are not supposed to be handled by users. Outside of session cookies which are (usually) random, cookies may contain data in clear or encoded in hexadecimal, base64, hashes (MD5, SHA1), serialized information. If we can determine the encoding used, we will attempt to inject SQL commands.



 function is_user($user) {

global $prefix, $db, $user_prefix;

if(!is_array($user)) {

        $user = base64_decode($user);

        $user = explode(“:”, $user);

$uid = “$user[0]“;

$pwd = “$user[2]“;

} else {

$uid = “$user[0]“;

$pwd = “$user[2]“;

}

if ($uid != “” AND $pwd != “”) {

    $sql = “SELECT user_password FROM “.$user_prefix.”_users WHERE user_id=’$uid’”;

$result = $db->sql_query($sql);

$row = $db->sql_fetchrow($result);

$pass = $row[user_password];

if($pass == $pwd && $pass != “”) {

return 1;

}

}

return 0;

}

The cookie contains base64 encoded form identifier, a field that is unknown and a password. If we use as a cookie 12345 ‘UNION SELECT’ mypass ‘:: mypass base64 encoded, the SQL query becomes:
  SELECT user_password FROM nk_users WHERE user_id=’12345′ UNION SELECT ‘mypass’

This query returns the password mypass, the same password as we have to provide. So we are connected.

How to inject the code in Cookies?

There are many HTTP interceptors and HTTP editors that can intercept the HTTP request before it is sent to the server. Then the tester can introduce his malicious SQL statement in the cookie field.
It’s like a get/post based SQL Injection, except that certain characters can’t be used. Forexample, ‘;‘ and ‘,‘ are typically treated as delimiters, so they endthe injection if they aren’t URL-encoded.

Conclusion

Cookie variables sometimes are not properly sanitized before being used in SQL query. This can be used to bypass authentication or make any SQL query by injecting arbitrary SQL code. For the web application audits, cookie variables should be added to the list of parameters to be checked.

For more Updates Visit: amadahmad.blogspot.com
Continue Reading...

What Is A DNA computer? How Can It Beat The World’s Fastest Supercomputers?

Short Description: The concept of DNA computing was first introduced in 1994. It deals with the “bio-chips” made of DNA that are able to perform billions of calculations at once by multiplying themselves in number. In other words, a DNA computer grows as it computes. In a recent development, the researchers from the University of Manchester have shown that the creation of this conceptual computer is possible in real life.
   I
ntel is struggling to increase the speed of their CPU's due to the limitations of Moore’s law. The other processor makers are also working hard to beat the speed records. There’s no denying the fact that researchers and scientists need to look for silicon alternatives for faster computing. The silicon-based computers have a finite number of processors and, thus, their capabilities are also finite.

What is a DNA computer? How does it work?

Long back in 1994, the concept of computing with DNA was first proposed to make calculations faster even with a small footprint. Its major highlight was the ability to multiply itself and carry out numerous calculations simultaneously. In other words, unlike a normal computer that performs calculations one after another, a DNA computer does those calculations at once by making multiple copies of itself.
Coming back to the introduction of the concept of DNA computing in 1994, it was invented by the famous cryptographer Leonard Adleman who used DNA to solve the “traveling salesman” problem. The problem aimed at finding out the shortest route between a number of cities by going through each city only once. Adleman showed that billions of molecules in a drop of DNA had so much computational power that can simply overpower silicon and the powerful human-based computers.
In his experiment, the strands of DNA represented 7 cities. The sequences of genetic alphabets A, T, C, and G represented cities and the path. After this, when the DNA molecules were mixed in a test tube, some DNA strands stuck together and the chains of strands were the possible answers. Using some chemical reactions, wrong molecules were removed. You can read more about the process in detail in this paper written by Adleman himself.
These DNA molecules are able to store billions of times more data as compared to tradition storage devices. Due to an abundance availability of DNA, it’s a cheap resource. Also, a DNA computer will be environment-friendly and compact in size.

What’s the latest progress? Is DNA computing going to be a reality very soon?

In 1997, the researchers at the University of Rochester developed basic DNA logic gates, which was seen as a breakthrough. Recently, a major development in the field of DNA computing was made by the researchers from the University of Manchester, which is famous for creating first stored memory electronic computer.
The researchers have shown that it’s possible to build a DNA computer that’ll grow as it’ll compute. This concept is also being called a nondeterministic universal Turing machine (NUTM).
As the DNA molecules are very tiny, a desktop “DNA” computer can utilize more processors than all the electronic computers in the world combined. “And therefore outperform the world’s current fastest supercomputer, while consuming a tiny fraction of its energy,” according to Professor King of Manchester’s School of Computer Science.
In a research paper, they have described the physical design for an NUTM that implements a universal Thue system. This design uses the DNA’s ability to replicate to execute an exponential number of paths. Their paper shows that this design works using in vitro molecular biology experimentation and computation modeling. You can read the research paper to know more details.
Currently, the field of DNA computing is in its nascent stage, and it’ll take a long time to develop a working DNA computer. But, whatever might be the rate of progress, the concept surely sounds exciting.
For more Updates Visit: amadahmad.blogspot.com
Continue Reading...

Most Popular Programming Languages, Frameworks, Libraries, And Databases | 2017


Stack Overflow has released its much-anticipated Developer Survey 2017. This year, over 64,000 developers took part in the survey and shared their preferences. The survey revealed that for the fifth time in a row, JavaScript was the most commonly used programming language, followed by SQL and Java.
Stack Overflow is the world’s largest online community for programmers where they can learn languages, share code, and help each other. The website also releases its annual developer survey which gives a pretty solid idea of current programming trends, the work lives of developers, their habits and preferences, etc.
Since 2011, Stack Overflow is conducting this survey each year. This year’s survey is the biggest in Stack Overflow’s history with 64,000 developers taking part. Over the course of next few days, I’ll be telling you about some of the major highlights of this survey.

Most popular programming languages:

For the fifth time in a row, JavaScript has topped the list of the most commonly used programming languages. JavaScript is followed by SQL and Java.
The growth of Python is notable. It has overtaken PHP for the first time in five years. Here’s the list of the most popular programming languages:

Most popular frameworks, libraries:

In this category, Node.js and AngularJS continue to be the most commonly used technologies:

Most popular databases:

For the first time in its survey, Stack Overflow asked the developers what databases they were using. MySQL and SQL Server turned out to be the biggest databases:

For more Updates Visit: amadahmad.blogspot.com
Continue Reading...

Paulo Coelho’s 5 Smartest Advices for Students


When Paolo Coelho wrote and released “The Alchemist,” his first publisher dropped the book because the sales were bad. Fortunately, he found another publisher who had more faith in it and the rest became history. “The Alchemist” encourages a person to reconsider how he views life and helped establish Coleho as an inspirational writer. Here are some of the smartest advice from the book that will prove helpful how you view life not only as a student but in general.
Action is the first step to success
Success will not come if you don’t take a step first. Taking action is also the only way to learn. You can study more, read more, listen more but if you don’t take any action, all those knowledge remains a knowledge. On the other hand, success comes when you turn that knowledge into action.
Compensate your weakness with your strength
All of us have their own weaknesses and strengths. However, weaknesses should not stop you from being successful and earning the respect of others. Instead, focus on your strength instead of your weakness.
Persevere
In “The Alchemist,” there’s a quote there that says if you really want something, the universe conspires in helping you get that dream. There might be something you’ll encounter that will make you doubt your dream but yo have to keep your focus and be obsessed with your dream.
Rejection is normal
Paulo loved writing and believes in himself. He recounted a story where he passed some of his poetry in a reputable magazine but got humiliated in return. He took it personally at first but eventually got over the rejection. The experience encouraged him to make himself better.
Getting a corporate job does not necessarily mean success
Getting a job in the corporate world might pay you a lot of money but that does not necessarily mean success. Doing what you love doing is a gift that only a few enjoys but not impossible to achieve.
Continue Reading...

The Dark and Bloody History of Valentine's Day


As we all know, the annual festival for lovers to celebrate love is coming near. Of course, we are talking about "Valentine's Day", it is a no-brainer that most people who enjoys this holiday more are the committed couples. Generally, it is a time for us to celebrate romance and love and everything cheesy. Valentine's day may be cheesy since it focuses on giving sweets and seeing cupids around. But don't get fooled, the love festival actually has a dark, bloody and muddled origin.
"Valentine's Day, also called Saint Valentine's Day or the Feast of Saint Valentine is an annual holiday celebrated on February 14. It originated as a Western Christian liturgical feast day honoring one or more early saints named Valentinus, and is recognized as a significant cultural and commercial celebration in many regions around the world, although it is not a public holiday in any country." - Wikipedia
 
Though no one has been able to pinpoint the exact origin of the holiday, one good and more accurate place to begin is ancient Rome, where men hit on women by, well, hitting them. From February 13 to 15, the Romans celebrated the feast of Lupercalia. It is known to have men sacrifice a goat and a dog, then whipped women with the hides of the animals they had just slain. The Roman romantics were depicted as drunk and naked during this holiday according to Noel Lenski, a historian at the University of Colorado at Boulder. The holiday centers around the young women who would confidently line up for men to hit them. They believed that getting hit during this holiday would make them fertile. The brutal belief also includes a matchmaking lottery, in which young men drew the names of women from a jar. Then, the couple would be coupled up for the duration of the festival or longer, if the match seems to be accurate. The early Romans was known to be responsible for the name of this love festival. Emperor Claudius II executed two men who possesses the name "Valentine" on February 14 of different years in the 3rd century A.D. Their act of humbleness and kindness known to be martyrdom was greatly honored by the Catholic Church in which, the celebration of St. Valentine's Day started to be practiced.
Before too long, Pope Gelasius I mixed things up in the 5th century by combining St. Valentine's Day with Lupercalia to remove the pagan rituals. He might have won that time but the festival became more of a theatrical interpretation of what it had once been. People was a little more on a drunken revel, but at least, the Christians put clothes back on it. Even if the celebration toned down some acts of people during February 14, it still didn't stop the festival from being a day of fertility and love. During that time, the Normans celebrated Galatin's Day. Galatin is known to have a meaning; "lover of women." It was likely confused with St. Valentine's Day at some point, due to they sound alike. 
William Shakespeare is known worldwide and considered to be a great person who revolutionized literature of our time also helped in giving more "love factor" and romanticized Valentine's Day through his work. He did not failed as it gained popularity throughout Britain and the rest of Europe. As the years went by, the holiday grew more sweeter. Chaucer and Shakespeare romanticized it in their work, and it gained popularity throughout Britain and the rest of Europe. Handmade paper cards became the tokens-du-jour in the Middle Ages. Eventually, the tradition made its way to the New World. The industrial revolution ushered in factory-made cards in the 19th century. And in 1913, Hallmark Cards of Kansas City, Mo., began mass producing valentines. February has not been the same since. And until now, people are known to be celebrating this festival with more relevance to Shakespeare's idea.
Fast forward to present times, the holiday is still known to be a big business. And so the celebration of Valentine's Day goes on, in variety of ways.Some will find time to spend this day with their significant other, while some will break the bank buying jewelry and flowers for their beloved partners. Some might still find this day worth celebrating even if they are single and alone. But if in case, you want to find a way to somehow lessen the romantic feel of Valentine's day, then its dark origins may help!
Continue Reading...
Subscribe to: Posts ( Atom )