HellBound Hackers | Computer General | Increasing Security

addslashes for database sanitization
Mr_Cheese
Posts: 2468
Location: Brighton, UK
Joined: 30.11.04
Rank: Uber Elite
Posted on 09-05-08 17:11
For those of you that may use addslashes() in PHP to sanitize user input before it is entered into the database... I may have some interesting news for you.

Many use addslashes to make sure values can be added safely into a database.

Some of you may not be aware that addslashes isn't "secure". Many developers prefer mysql_escape_string() instead, as this is a much more effective and secure way of sanitizing data.

The other day a couple of our clients had problems saving information. This was due to them using an old system that used addslashes() to enter information into the database.

I know that upside down question marks escape addslashes() but was unaware of other characters that may do so.

We discovered that some characters produced by Microsoft Word 2008 actually escaped addslashes as well. One of the characters was the comma. This is because Microsoft Word 2008 uses a special character for commas instead of the standard , - Microsoft Word does this because the special character they use looks 0.1% better than the standard comma.

The client was simply copying/pasting information from Word into a textbox, which thus tried entering the special character into the database.

And as you probably know, if you can escape addslashes(), it means you can SQL Inject.

So a lesson learnt... definitely use mysql_escape_string instead of addslashes. mysql_escape_string was able to sanitize the special characters.

Thought this was worth mentioning in case others were only aware of the upside down ? exploit, you now have other characters to play around with.
Useful links:
http://shiflett.o. . .ape-string
http://uk3.php.ne. . .
http://uk3.php.ne. . .ape_string

Edited by Mr_Cheese on 09-05-08 17:13
http://www.hellboundhackers.org/
RE: addslashes for database sanitization
Guest
Posted on 09-05-08 17:31
Interesting post Mr_Cheese, thanks for sharing the info.
RE: addslashes for database sanitization
Uber0n
Member
Posts: 1963
Location: Sweden
Joined: 13.06.06
Rank: Hacker Level 3
Posted on 09-05-08 19:18
Whoa, now I have something to play with on my own server tonight ^^

Thanks a lot, Cheese!

http://uber0n.webs.com/
RE: addslashes for database sanitization
korg
Admin from hell
Posts: 2798
Location: ENDING YOUR ONLINE EXPERIENCE!
Joined: 01.01.06
Rank: God
Posted on 09-05-08 20:55
Nice update Cheese, something to check and watch out for. Thanks.

I deal in pain, All life I drain, I dominate, I seal your fate.
RE: addslashes for database sanitization
Guest
Posted on 09-05-08 22:27
mysql_escape_string or mysql_real_escape_string are definitely the better way to go. They add slashes to a wider range of characters. In the way of stripping \n and \r, it can also prevent things such as CRLF injection, probably other things too.
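The following is an added example, not code from Mr_Cheese's post, from the guest reply above, or from HellBoundHackers. It shows the fix both posts point at (escaping that knows the connection's character set, or better, a prepared statement that needs no escaping step) in PHP. Two caveats the thread predates: the mysql_* functions named here were removed in PHP 7.0, so the modern equivalents are mysqli or PDO, and mysql_escape_string() (without the real_) never consulted the connection character set, which is exactly what mysql_real_escape_string() and mysqli::real_escape_string() add. The example assumes PHP 7+ with the mysqli extension, a table notes(id INT AUTO_INCREMENT PRIMARY KEY, body TEXT) and placeholder connection details; the pasted text is constructed to contain word-processor punctuation outside ASCII.

```php
<?php
// Added example (not from the thread): moving a form handler off addslashes().
// Assumes a MySQL table `notes(id INT AUTO_INCREMENT PRIMARY KEY, body TEXT)`
// and the placeholder host/credentials below.
declare(strict_types=1);

// Constructed sample: text as pasted from a word processor, with "smart"
// punctuation outside ASCII plus an ordinary apostrophe.
$pasted = "Client\u{2019}s note, with a curly quote \u{201C}here\u{201D} and O'Brien";

// 1. addslashes() only handles ' " \ and NUL, works on raw bytes, and knows
//    nothing about the character set the database connection is using.
//    It is shown here only for comparison with the escapers below.
$legacy = addslashes($pasted);

$mysqli = new mysqli('db.example.invalid', 'app_user', 'app_password', 'app_db');
if ($mysqli->connect_error) {
    throw new RuntimeException('connect failed: ' . $mysqli->connect_error);
}
// Declare the connection charset through the client library, not via a raw
// "SET NAMES" query: real_escape_string() must know which charset is in use
// to decide where one character ends and the next begins.
$mysqli->set_charset('utf8mb4');

// 2. mysqli::real_escape_string() escapes NUL, \n, \r, \, ', " and Ctrl-Z,
//    with knowledge of the connection charset. Still string-building SQL,
//    so it is the fallback, not the first choice.
$escaped = $mysqli->real_escape_string($pasted);
$mysqli->query("INSERT INTO notes (body) VALUES ('$escaped')");

// 3. Preferred: a prepared statement. The text is sent as a bound parameter,
//    so no escaping step exists to be bypassed by unusual characters.
$stmt = $mysqli->prepare('INSERT INTO notes (body) VALUES (?)');
$stmt->bind_param('s', $pasted);
$stmt->execute();
$newId = $stmt->insert_id;
$stmt->close();

// Read the row back and confirm the stored value is exactly what was pasted,
// curly quotes and apostrophe included.
$stmt = $mysqli->prepare('SELECT body FROM notes WHERE id = ?');
$stmt->bind_param('i', $newId);
$stmt->execute();
$stmt->bind_result($stored);
$stmt->fetch();
$stmt->close();
$mysqli->close();

var_dump($stored === $pasted);
```

Run it as a one-off script against a test database (php example.php) after creating the notes table. The last line reports whether the round trip preserved the input; the prepared-statement path is the one to keep, and the real_escape_string() path only matters for legacy code that cannot yet be converted, where calling set_charset() before escaping is the part that addslashes() could never do.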