How to Prevent SQL Injection in ASPX Web Apps

In the name of ALLAH the most beneficent and the Merciful
I was coding a tool for myself when I needed to connect to a database, so I thought I would write something about “How to Prevent SQL Injection in ASPX Web Apps”.
First, the vulnerable code:
[Image: Vulnerable Code]

This is an example of bad, vulnerable code. Here the variable `Site` is concatenated directly into the query, which leads to SQL injection. Because only an integer is returned, this code is vulnerable to blind injection, but it is still a bug. If you find such a bug in a Facebook or Microsoft site, you can get some good money for it. The second problem is that exceptions are not handled, which leads to another major issue: an application crash. So what to do?
Good code:
[Image: Safe Code]
This is now an example of good, safe code. It works like prepared statements in PHP. I hope you got the idea.
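
As an added example (not the author's original code), here is the pattern described above in C# with ADO.NET: a `Site` value concatenated into the query, next to the parameterized version with exception handling. The `Sites` table, `Name` column, connection string and method names are assumptions made for illustration.

```csharp
using System;
using System.Data;
using System.Data.SqlClient;
using System.Diagnostics;

public static class SiteLookup
{
    // Hypothetical connection string; an ASPX app would read it from web.config.
    private const string ConnStr = "Server=.;Database=Demo;Integrated Security=true";

    // VULNERABLE: 'site' becomes part of the SQL text, so the input can change
    // the structure of the query. Only an integer comes back (blind injection).
    public static int CountVulnerable(string site)
    {
        using (var conn = new SqlConnection(ConnStr))
        using (var cmd = new SqlCommand(
            "SELECT COUNT(*) FROM Sites WHERE Name = '" + site + "'", conn))
        {
            conn.Open();                      // no try/catch: any SQL error
            return (int)cmd.ExecuteScalar();  // propagates and crashes the request
        }
    }

    // SAFE: the SQL text is a constant; 'site' is sent as a typed parameter and
    // is never parsed as SQL. Database errors are caught and reported as -1.
    public static int CountSafe(string site)
    {
        try
        {
            using (var conn = new SqlConnection(ConnStr))
            using (var cmd = new SqlCommand(
                "SELECT COUNT(*) FROM Sites WHERE Name = @site", conn))
            {
                cmd.Parameters.Add("@site", SqlDbType.NVarChar, 255).Value =
                    (object)site ?? DBNull.Value;
                conn.Open();
                return Convert.ToInt32(cmd.ExecuteScalar());
            }
        }
        catch (SqlException ex)
        {
            // Log on the server; do not echo ex.Message back to the browser.
            Trace.TraceError("Site lookup failed: {0}", ex.Message);
            return -1;
        }
    }
}
```

Returning a generic failure value instead of the raw exception text also avoids handing database error details to whoever sent the request.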
If you have any problems, please let me know.
Thanks.
Hi, this is Osama Mahmood, and I will share all my knowledge and skills on #infosec with you, and I hope you will enjoy learning new and unique things. Follow me on Twitter @OsamaMahmood007.