Comparitive Study of SQL Injection Attacks in Web Apps
Required skills: Java, JSP, PHP, Research, SQL
Hi,
I am looking for somebody, who has previous experience with web application security, sql injection attacks on web applications, databases, web technologies and programming languages( such as Java, C#, JSP, ASP, PHP etc), to write a detailed report on SQL injection attacks on web applications.
This study must include following (this list is not exhaustive)
Introduction to Web and web applications
Importance and popularity of web applications
Introduction to SQL
Sample web application(s )to demonstrate sql injection attacks
Analysis, Vulnerabilities, Detection and prevention of SQL injection attacks
Explanation and Comparison of various types of sql injection attacks on web applications
Various malicious strings used in attacks
Must also explain how attackers use malicious strings to attack by using sample demo apps
Must include complete list of malicious strings
Static and dynamic techniques and the comparisons
Compare various tools & techniques for their efficiency, effectiveness, limitations and ease of implementation
The study must include diagrams and code snippets
Must demonstrate how these attacks are independents of technologies used
Should provide recommendations or coding guidelines to avoid to make web apps safe
Must be well documented and formatted
Must be written in professional English language
Must provide citations to show where ideas have been taken from
Must provide bird eye view of the entire problem
Identify future work/ related work
This report will be my property and freelancer cannot use it or publish it anywhere else
Freelancer must provide weekly update on progress
For now, I have shortlisted around 20 research papers (this might increase as these papers refer to other papers) on this topic. These papers cover sql injection avoidance, detection and prevention techniques.
The study should be around 100-120 pages long (including diagrams, sample code snippets and Bibliography).
I am looking for someone to go through those papers and write a comparative study of various techniques.
Please see attached document for "tentative structure of the paper".
Please contact me if you need more information.
Thanks.
Additional files submitted:
Paper_Structure.docx
I am looking for somebody, who has previous experience with web application security, sql injection attacks on web applications, databases, web technologies and programming languages( such as Java, C#, JSP, ASP, PHP etc), to write a detailed report on SQL injection attacks on web applications.
This study must include following (this list is not exhaustive)
Introduction to Web and web applications
Importance and popularity of web applications
Introduction to SQL
Sample web application(s )to demonstrate sql injection attacks
Analysis, Vulnerabilities, Detection and prevention of SQL injection attacks
Explanation and Comparison of various types of sql injection attacks on web applications
Various malicious strings used in attacks
Must also explain how attackers use malicious strings to attack by using sample demo apps
Must include complete list of malicious strings
Static and dynamic techniques and the comparisons
Compare various tools & techniques for their efficiency, effectiveness, limitations and ease of implementation
The study must include diagrams and code snippets
Must demonstrate how these attacks are independents of technologies used
Should provide recommendations or coding guidelines to avoid to make web apps safe
Must be well documented and formatted
Must be written in professional English language
Must provide citations to show where ideas have been taken from
Must provide bird eye view of the entire problem
Identify future work/ related work
This report will be my property and freelancer cannot use it or publish it anywhere else
Freelancer must provide weekly update on progress
For now, I have shortlisted around 20 research papers (this might increase as these papers refer to other papers) on this topic. These papers cover sql injection avoidance, detection and prevention techniques.
The study should be around 100-120 pages long (including diagrams, sample code snippets and Bibliography).
I am looking for someone to go through those papers and write a comparative study of various techniques.
Please see attached document for "tentative structure of the paper".
Please contact me if you need more information.
Thanks.
Additional files submitted:
Paper_Structure.docx
Posted In:PHPJavaJSPSQLResearch |
Related projects:
Prevetn SQL injection Attacks
I need my .asp code updated to prevent SQL injection attacks.
http://www.ancientx.com/
http://www.ancientx.com/
Codeigniter Newsletter.ecommerce
ve Admin
:: I need to see and manage all functionalities and content on site.
- all added newsletters, banners, news directories, web page content
12. Sync Admin login with Main Site 3-level admin, meaning that permissions are assigned to staff based on the username and password that they need to login with.
13. Develop code so Admin can send newsletter to: (a) selected members (b) all members (c) selected groups (d) membership category and subcategory.
:: I need to see and manage all functionalities and content on site.
- all added newsletters, banners, news directories, web page content
12. Sync Admin login with Main Site 3-level admin, meaning that permissions are assigned to staff based on the username and password that they need to login with.
13. Develop code so Admin can send newsletter to: (a) selected members (b) all members (c) selected groups (d) membership category and subcategory.
Sql Injection/attack Fix
llow" style="text-decoration: none" onmouseover="this.style.textDecoration='underline'" onmouseout="this.style.textDecoration='none'">www.trregistry.com) which serves as a free public service has a security hole in the PHP/MySQL and requires review and fix to prevent suspected SQL injection / attacks. Inappropriate data with bogus info (most often porn references and links) are added almost immediately to the database even when removed. I need to find someone to lock down the site.
Include SQL injection protection and duplicate Banner
ons details so instead of refreshing the page you click on the bar and it will refresh itself, all items should be very easy to do if you know what to do. In the banner display I have duplicated all the files, all you have to do is work with the includes file, database, etc. The website is http://qvendio.com/, go see it and contact me. I am attaching a files so you have an idea what I need. I want to pay about $ 50.00 for this project.
SQL injection attacks - need FIXES applied to code
I need the 2 fixed listed here to be applied to my .ASP website. The site is currently down from another SQL injection attack. Once I simply restore my DB the site is fine.
I need someone to apply these fixes to prevent future attacks!
I strongly advice to set up this security fix :
http://www.xigla.com/absolutenm
Here's the other security fix :
http://www.mandalo.net/?f=117&fid=87c9d69d
Thank you!
I need someone to apply these fixes to prevent future attacks!
I strongly advice to set up this security fix :
http://www.xigla.com/absolutenm
Here's the other security fix :
http://www.mandalo.net/?f=117&fid=87c9d69d
Thank you!
site protection against sql injection
I need to protect the site against SQL injection: LOG IN AND DATABASE
Software & Web App Testing and Report Writing
software. We specialie in web apps as well as mobile apps, so access to Android Phone/Tablet as well as Apple iOS devices (iPhone, iPad) is an absolute asset.
Please respond with your technical proficiency, and which devices you have available to test apps on. Average review will outline any bugs found, issues experienced, and comparing between 1 app and another.
Please bid for 10 applications tested and written about.
Please respond with your technical proficiency, and which devices you have available to test apps on. Average review will outline any bugs found, issues experienced, and comparing between 1 app and another.
Please bid for 10 applications tested and written about.
Sql Injection
Need a very simple web application built using php/mysql in order to just demonstrate sql injection attack and also show ways to prevent it in a day.
Sql injection analysis + cleanup
Our site is in Classic ASP with an MS-SQL db. Our old developer managed to close security holes when we were hit by SQL Injections about a year back, but we've been suffering attacks daily now and need the following done :
a) A complete audit of all pages to find where the security holes are and where the sql injection is occuring from
b) Sql injection prevention scripts/functions/routines.
a) A complete audit of all pages to find where the security holes are and where the sql injection is occuring from
b) Sql injection prevention scripts/functions/routines.
penetrate a dummy site by sql injection (simple project)
I have a dummy site i would like you to penetrate by sql injection and then tell me what quuies used
i also would like to add some simple stuff in the main page like dummy newsfeed and be able to disclosure db info and or change things up
simple project
more details will be provided in messages
i also would like to add some simple stuff in the main page like dummy newsfeed and be able to disclosure db info and or change things up
simple project
more details will be provided in messages
2 online book websites using a security model in one.
their personal information such as name, address and telephone number. They are allowed to view and edit their own information on the web, but not other customers information.
3. Order books
Customers can order books. The order list sent from customers to the server must not be seen or modified by any other persons.
sample of this online book store is attached but we need not exactly the same due to copy right issues
3. Order books
Customers can order books. The order list sent from customers to the server must not be seen or modified by any other persons.
sample of this online book store is attached but we need not exactly the same due to copy right issues
Content Creation Task Workflow Site In Php/my
heron" separate from your bid.
8. If there are libraries you want to use that are not generally included in a "standard" PHP installation, please check them with me first.
9. No low-ball or "placeholder" bids will be considered. Your bid on scriptlance is considered final.
10. I will pay special attention to bids that include shorter time frames for project completion.
11. I prefer to use escrow payment system.
Please contact me with any questions you might have.
8. If there are libraries you want to use that are not generally included in a "standard" PHP installation, please check them with me first.
9. No low-ball or "placeholder" bids will be considered. Your bid on scriptlance is considered final.
10. I will pay special attention to bids that include shorter time frames for project completion.
11. I prefer to use escrow payment system.
Please contact me with any questions you might have.
Softbiz B2B Marketplace- Close SQL injection vulnerabilities
mited to):
http://www.exploit-db.com/exploits/12245/
http://secunia.com/advisories/17808/
http://osvdb.org/show/osvdb/21252
http://www.net-security.org/vuln.php?id=12210
http://www.cvedetails.com/cve/CVE-2005-3937/
In addition to well commented code, we need full information and code that has been modified/added (as we have numerous sites that need to be patched later by us).
http://www.exploit-db.com/exploits/12245/
http://secunia.com/advisories/17808/
http://osvdb.org/show/osvdb/21252
http://www.net-security.org/vuln.php?id=12210
http://www.cvedetails.com/cve/CVE-2005-3937/
In addition to well commented code, we need full information and code that has been modified/added (as we have numerous sites that need to be patched later by us).
Need Sql Injection Fix 2
note:in the past year the sql injection keep happening and every time i post a project and a programmer secure my pages then after some times the sql injection happen again and i have to do the exact same thing again so now i need final fix for this problem
Additional Info (Added 5/9/2010 at 13:18 EST)...System Message: This is a reposting of project need sql injection fix (1272981719).
Sql Injection Question - Easy
is in the page of a login form. Teach/show me how I can inject sql into this, to change it to something like...
$ q = "SELECT username from `users` WHERE username!=''";
or
$ q = "SELECT username from `users` where username='bob'";
I know this is probably pretty basic, so lowest bid that can give me a working example, or show me how to do it will get the bid. If you are the first person to provide a working example in the PMB, I will select your bid.
$ q = "SELECT username from `users` WHERE username!=''";
or
$ q = "SELECT username from `users` where username='bob'";
I know this is probably pretty basic, so lowest bid that can give me a working example, or show me how to do it will get the bid. If you are the first person to provide a working example in the PMB, I will select your bid.
Sql Injection On Database....
I need a GOOD programmer to retrieve data from a database using SQL injection technique. I am stuck on the last parameter which I cannot do. I have also $ 10,000 worth of work through clients whithin the same projects. Please contact me for further information. This is for a EXPERIENCED programmer in SQL, and HTML and a little Java. I want to change my stats on a application game I have but need someone to access the database or the source code.
Thanks
S.
Thanks
S.
Sql Injection Weakness Help
We currently have a big problem with one of our wordpress sites where we are getting an sql injection every day now. We want someone who can look for the weakness on our site and then help up improve it's security and put things in place to stop it happening again.
This is URGENT!
This is URGENT!
SQL Injection in a website
Hi, i need to do a SQL INJECTION in a website as a test...
The website is in PHP/MySql and has security problems.
Objective: Execute a SQL INJECTION to replace some data.
Only low bids will be considered.
The website is in PHP/MySql and has security problems.
Objective: Execute a SQL INJECTION to replace some data.
Only low bids will be considered.
Sql Injection Fix
ble. Every product in the table had text injected into the description field of the table. We need the text removed (1000 products) and need to have SQL Injection fixes installed. The injected text is most troubling for our client in that there is so much text, it crashes the website when attempting searches. The text could be removed for the most part programatically and if not, then the old fashioned way of deleting the text one at a time would work too.
Thank you
Bob
Thank you
Bob
Sql Injection
injection. I need someone to go into the code and the database and fix or remove the problem for me. I was told a encrypted capcha at the end of all forms work - not sure. I just want it protected fom sql injection. NOTE: your acceptance requires you to guarantee from this day forward for it not to be infected and if it does, you are to fix it again for free. Not sure if this is a big project or not just want you to be sure of what you are bidding on. I am looking for an honest worker.
