Go Back   Computer Forums > General Computing > Cyber Safety and Computer Security
Click Here to Login
Join Computer forums Today


Reply
 
Thread Tools Search this Thread Display Modes
 
Old 09-29-2004, 02:29 AM   #1
Beta Member
 
Join Date: Sep 2004
Posts: 2
Unhappy i need help in sql injection n cross site scripting

hi everybody........

tis is my first time here....i hope someone out there could help me...i have an assignment on sql and cross site scripting....based on this aspects i will have to discuss the probs of webpage vulnerability and how can it be resolved by the administrator....i have very little knowledge bout security....hope someone out there could help.......


regards
-rita-
__________________

rita is offline   Reply With Quote
Old 09-29-2004, 07:08 AM   #2
Site Team
 
root's Avatar
 
Join Date: Mar 2004
Posts: 8,003
Default Re: i need help in sql injection n cross site scripting

The first line of defense against SQL injection should be data validation,
(and not just with javascript. -data should be validated server side)...
the second line would be not to use stored procedures, passing NULL data to a stored procedure is the quickest way to get table structure information from a website...

I'm sure if you use google you'll find a lot more information than any one person could give you.
__________________

root is offline   Reply With Quote
Old 09-29-2004, 07:27 AM   #3
Daemon Poster
 
Novartic_'s Avatar
 
Join Date: Feb 2004
Posts: 838
Send a message via MSN to Novartic_ Send a message via Yahoo to Novartic_
Default Re: i need help in sql injection n cross site scripting

allso for security thay use a scriped on only the pages that thay dont want you to see and to only bye pass that you need a login and password so that you can acsess these tight securiy pages, for this forum we use cookys wich keep you loged in on all pages so that you dont have to log back in all the time you want to post a reply or sumthing
__________________
HomeSite: www. n-computers.co.uk, SupportForum: forum. n-computers.co.uk
Processor:AMD XP2600+ 2.00GHz.
Memory:1.5GB HD:80Gb, 40GB.
Video:800 x 600 in64KColors.
O/S:Windows XP Pro SP2 CRACKED. PLEASE DO NOT CHANGE MY SIG, IT HAS BEEN THE SAME FOR 2 YEARS SO LEAVE IT.
Novartic_ is offline   Reply With Quote
Old 09-29-2004, 07:32 AM   #4
Daemon Poster
 
Novartic_'s Avatar
 
Join Date: Feb 2004
Posts: 838
Send a message via MSN to Novartic_ Send a message via Yahoo to Novartic_
Default Re: i need help in sql injection n cross site scripting

SQL is used in data basing (acsess is usely used for this) and servers, as well as apachi, php (i think that this is made up from that), and theres many more as well as asp which is also used in the same prinseble as php dose but is old and more advaced.
__________________
HomeSite: www. n-computers.co.uk, SupportForum: forum. n-computers.co.uk
Processor:AMD XP2600+ 2.00GHz.
Memory:1.5GB HD:80Gb, 40GB.
Video:800 x 600 in64KColors.
O/S:Windows XP Pro SP2 CRACKED. PLEASE DO NOT CHANGE MY SIG, IT HAS BEEN THE SAME FOR 2 YEARS SO LEAVE IT.
Novartic_ is offline   Reply With Quote
Old 09-29-2004, 08:29 AM   #5
Site Team
 
root's Avatar
 
Join Date: Mar 2004
Posts: 8,003
Default Re: i need help in sql injection n cross site scripting

SQL is structured Query language ad is used only to preform database queries.
PHP is the pre-processed hypertext language, and has the ability to interface with servers using the SQL language.
ASP is active server pages and again has the ability to interface with databases using the SQL query language.

PHP is written in C, whilst it has support to connect to a database and pass on SQL requests, it is not made, or based on SQL.

-hope that makes sense.
root is offline   Reply With Quote
Old 09-29-2004, 08:33 AM   #6
Daemon Poster
 
Novartic_'s Avatar
 
Join Date: Feb 2004
Posts: 838
Send a message via MSN to Novartic_ Send a message via Yahoo to Novartic_
Default Re: i need help in sql injection n cross site scripting

didnt mine then? o never mind as im dyslexic anyway nothing i say makes a lot of sence and its like im on a world of my own. he he he he.
__________________
HomeSite: www. n-computers.co.uk, SupportForum: forum. n-computers.co.uk
Processor:AMD XP2600+ 2.00GHz.
Memory:1.5GB HD:80Gb, 40GB.
Video:800 x 600 in64KColors.
O/S:Windows XP Pro SP2 CRACKED. PLEASE DO NOT CHANGE MY SIG, IT HAS BEEN THE SAME FOR 2 YEARS SO LEAVE IT.
Novartic_ is offline   Reply With Quote
Old 09-29-2004, 10:56 AM   #7
Beta Member
 
Join Date: Sep 2004
Posts: 2
Smile

gee thnx a lot guys...ur the best.....i did get lots of info bout this threasts but i dont knw how to put it in my own words but now since u guys gave me few tips...i think i can manage...oncce more thnx.......lu u guys.....
rita is offline   Reply With Quote
Old 09-29-2004, 11:02 AM   #8
Daemon Poster
 
Novartic_'s Avatar
 
Join Date: Feb 2004
Posts: 838
Send a message via MSN to Novartic_ Send a message via Yahoo to Novartic_
Default Re: i need help in sql injection n cross site scripting

use these we dont mind and hows the teacher going to find out?
__________________
HomeSite: www. n-computers.co.uk, SupportForum: forum. n-computers.co.uk
Processor:AMD XP2600+ 2.00GHz.
Memory:1.5GB HD:80Gb, 40GB.
Video:800 x 600 in64KColors.
O/S:Windows XP Pro SP2 CRACKED. PLEASE DO NOT CHANGE MY SIG, IT HAS BEEN THE SAME FOR 2 YEARS SO LEAVE IT.
Novartic_ is offline   Reply With Quote
Old 09-29-2004, 11:06 AM   #9
Site Team
 
root's Avatar
 
Join Date: Mar 2004
Posts: 8,003
Default Re: i need help in sql injection n cross site scripting

Quote:
Originally Posted by novartic
didnt mine then? o never mind as im dyslexic anyway nothing i say makes a lot of sence and its like im on a world of my own. he he he he.
It wasn't that your words didn't make sense and it had nothing to do with your dyslexia.

What I said was the PHP was not based on SQL, and neither was ASP.
root is offline   Reply With Quote
Old 09-29-2004, 11:09 AM   #10
Daemon Poster
 
Novartic_'s Avatar
 
Join Date: Feb 2004
Posts: 838
Send a message via MSN to Novartic_ Send a message via Yahoo to Novartic_
Default Re: i need help in sql injection n cross site scripting

well combined. with users etc.. u use SQL to combine the three together.
__________________

__________________
HomeSite: www. n-computers.co.uk, SupportForum: forum. n-computers.co.uk
Processor:AMD XP2600+ 2.00GHz.
Memory:1.5GB HD:80Gb, 40GB.
Video:800 x 600 in64KColors.
O/S:Windows XP Pro SP2 CRACKED. PLEASE DO NOT CHANGE MY SIG, IT HAS BEEN THE SAME FOR 2 YEARS SO LEAVE IT.
Novartic_ is offline   Reply With Quote
Reply

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off



All times are GMT -5. The time now is 02:04 AM.


Powered by vBulletin® Version 3.8.8 Beta 4
Copyright ©2000 - 2017, vBulletin Solutions, Inc.
Search Engine Friendly URLs by vBSEO 3.6.0