user253776

Reputation: 11

Is injection attack possible on the following code?

I have to create two applications for every web app attack type for my project: one in which the attack works, the other in which it doesn't. When writing the code for SQL injection, I came up with the following code:

vulnerable

// User input is concatenated straight into the SQL text, so it is parsed as part of the statement.
EmpTable result = ctx.Database.SqlQuery<EmpTable>("Select * from EmpTable where username = '" + TxtUsername.Text + "' and password = '" + TxtPassword.Text + "'").FirstOrDefault();

and, invulnerable:

EmpTable result = (from reff in ctx.EmpTables.Where(p => (p.Username == TxtUsername.Text) && (p.Password == TxtPassword.Text)) select reff).FirstOrDefault();

I just want to make sure that there is no way to perform an injection attack on the invulnerable one. Please tell me if the code is really invulnerable.

Upvotes: 1

Views: 127

Answers (1)

Felipe Oriani

Reputation: 38608

Yes, in the second case, I believe that it is invulnerable, because you pass the responsibility to LINQ (and Entity Framework, or NHibernate, or other ORM tools like this) to perform the query on the database. It should deal with your SQL safely since it provides this task.

In the first case, you should use parameters to avoid SQL injection, for example:

// Needs: using System.Data.SqlClient; (for SqlParameter)
// SqlQuery<T> materialises the selected rows; ExecuteSqlCommand would only return an affected-row count.
EmpTable result = ctx.Database.SqlQuery<EmpTable>(
        @"select * from EmpTable where username = @user and password = @pass",
        new SqlParameter("@user", TxtUsername.Text),
        new SqlParameter("@pass", TxtPassword.Text)).FirstOrDefault();

Obs: I didn't try it

Upvotes: 1
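As an added example (not part of the question or the answer), the same contrast in Python against an in-memory sqlite3 database: the concatenated query lets a quote inside the input change the statement itself, while the parameterized query, which is also what LINQ/Entity Framework generates for the second snippet, keeps the input as data. The table and rows are constructed for the demonstration.

```python
import sqlite3

# Constructed sample data (not from the original question).
ROWS = [("alice", "s3cret"), ("o'neil", "pa55")]


def make_db():
    """Build a throwaway EmpTable with the sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE EmpTable (username TEXT, password TEXT)")
    conn.executemany("INSERT INTO EmpTable VALUES (?, ?)", ROWS)
    return conn


def login_concatenated(conn, username, password):
    """Mirrors the question's 'vulnerable' snippet: input becomes SQL text."""
    sql = ("SELECT * FROM EmpTable WHERE username = '" + username
           + "' AND password = '" + password + "'")
    return conn.execute(sql).fetchone()


def login_parameterized(conn, username, password):
    """Mirrors the parameterized fix (and what the LINQ query compiles to):
    the statement is fixed, the values travel separately."""
    sql = "SELECT * FROM EmpTable WHERE username = ? AND password = ?"
    return conn.execute(sql, (username, password)).fetchone()


def compare(username, password):
    """Run both variants on fresh data and return (concatenated, parameterized).

    If the concatenated statement fails to parse, the error text is returned
    instead of a row: the quote in the input was read as SQL, not as data.
    """
    conn = make_db()
    try:
        concat = login_concatenated(conn, username, password)
    except sqlite3.Error as exc:
        concat = f"error: {exc}"
    param = login_parameterized(conn, username, password)
    conn.close()
    return concat, param


if __name__ == "__main__":
    for creds in [("alice", "s3cret"), ("alice", "wrong"), ("o'neil", "pa55")]:
        print(creds, "->", compare(*creds))
```

The third case is the telling one: the legitimate user o'neil cannot log in through the concatenated query at all, because the apostrophe terminates the string literal and the rest of the name is parsed as SQL, whereas the parameterized query returns the row.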
