We wanted to see what the effects of SQL Injection attack were on a simple system (of which there are tens of thousands of out there) and Alan (www.astirling.com) designed a very simple logon system running on a local virtual machine to have a go at.
As we had suspected if adequate measures were not taken it was remarkably simple to log in fully by using a very basic attack by simply putting:
a’ or 1=1 or ‘a
into both the username and password boxes!
Keep your systems secure and remember to test your login system to destruction! Read all about how the username / password is not necessarily the downfall of a system, it is the ’email me my password’ functionality!! http://www.unixwiz.net/techtips/sql-injection.html
We had yet another brilliant evening of programming club last night at the ISArc offices near the Giants Causeway. We learned about common web-based systems attacks and how to counter them in our code. There were many tools to discover open ports, but perhaps none so interesting as mmap.
NMap is described as a security scanner, and it does exactly that – allowing you to scan your servers to find out what ports are open and then remedy the situation. Ideally a web server will only return port 80 being open.
Once you have downloaded and installed NMap on your Mac, simply open terminal (using another handy shortcut that I learned last night, pressing command and space to open spotlight and then type terminal and press enter)
In terminal, you then type:
nmap -v ipaddress
Obviously for security reasons I cant show you our results, but needless to say we found a few ports open that should not have been open (we were looking for only 2 ports open, 80 and 443 ideally), though discovered that the strange ports up near the 50000 range were actually for the dropbox services, so not a major panic after all.
If you know of other tools, or can add details on the Windows way of using NMap, please do comment!