Tuesday, December 20, 2011

Microprocessor Security

It seems like nobody is actively looking into microprocessor security, especially the segment on microcode. Does anyone have ideas on this?

Wednesday, December 7, 2011

2FA for Singapore Banks

Singapore banks are implementing new 2FA tokens. The new tokens will require users to input some information before they generate a PIN. Will this be enough to stop the recent surge of malware attacking the internet banking features of the local banks?

Thursday, December 1, 2011

Syscan '12

The CFP for SyScan'12 is now open. The honorarium for the speakers is very attractive. Details can be found here: Syscan CFP

Automated Malware Analysis

We are building an automated malware analysis engine. Anyone interested in trying it?

Thursday, February 5, 2009

SQL injection for Beginners

There have been so many write-ups on SQL injection in the past few years. It is a well-researched topic, and attackers are no longer relying on simple injections of the type
' OR 1=1--

But beginners will be asking, "How do I carry out SQL injections?"
Do not worry, this blog will provide a simple step-by-step explanation.

When a programmer develops a web page, he needs to prepare a SQL query statement to be passed to the database for execution. This will typically be in the form

str = "Select * from User where username='" + name + "' and password = '" + pass + "'"

The parameters name and pass are usually passed in from the web page. If this statement returns a positive result, the user is authenticated. If it returns null, the user most likely does not exist.

Now, what happens if you pass ' OR 1=1;-- into the name parameter?
The query string will be

Select * from User where username='' OR 1=1;--' and password = 'pass'

What this statement means is that the username is blank or the condition is always true, as 1 always equals 1. The -- at the back is the SQL comment sequence. This means that anything after it to the end of the line will be ignored by SQL. Therefore, it does not really matter what you pass into the password field, as this statement will always return true. The attacker will be authenticated and allowed into the web application.
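The same login check as a runnable sketch, added here as an example and not code from the original post: the concatenated query from above next to a parameterized version that treats the input purely as data. The in-memory SQLite table, the sample account and the function names are assumptions made for illustration.

```python
import sqlite3

# Input string discussed in the post (form without the semicolon).
PAYLOAD = "' OR 1=1--"


def make_db():
    # Constructed sample data: one account in an in-memory database.
    # The password is stored in plaintext only to mirror the post's query;
    # a real application would store a salted hash.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE User (username TEXT, password TEXT)")
    db.execute("INSERT INTO User VALUES ('alice', 's3cret')")
    return db


def build_query(name, password):
    # String concatenation: the input becomes part of the SQL text.
    return ("SELECT * FROM User WHERE username='" + name +
            "' AND password='" + password + "'")


def login_concat(db, name, password):
    # Vulnerable form: a quote in `name` closes the string literal early,
    # and "--" comments out the password check.
    return db.execute(build_query(name, password)).fetchone() is not None


def login_param(db, name, password):
    # Hardened form: "?" placeholders send the values separately from the
    # SQL text, so quotes and "--" inside them are compared as plain data.
    query = "SELECT * FROM User WHERE username=? AND password=?"
    return db.execute(query, (name, password)).fetchone() is not None


if __name__ == "__main__":
    db = make_db()
    print("query built by concatenation:", build_query(PAYLOAD, "anything"))
    for label, check in (("concatenated", login_concat),
                         ("parameterized", login_param)):
        print(label, "valid login:", check(db, "alice", "s3cret"))
        print(label, "wrong password:", check(db, "alice", "wrong"))
        print(label, "payload as name:", check(db, PAYLOAD, "anything"))
```

With the parameterized query the payload is simply a username that does not exist, so the check fails as it should.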

Stay tuned for part 2 on more advanced forms of SQL injection.


Tuesday, August 26, 2008

Diving into the world of Tcl/Tk

Trying to pick up GUI programming with Tcl/Tk to add to my work.
Here is a quick reference:
http://www.pythonware.com/library/tkinter/introduction/

Thursday, August 14, 2008

Web Security

I am starting into the new area of web security, and here are some of the resources that I have found. Stay tuned for more interesting sites on web security.

Burp Suite
WebScarab
ProxyStrike
W3af
IBM Rational AppScan