I am looking for backdoors in various software and wondering if the following code is vulnerable to a SQL injection.
There's an email field with the following validation expression. (ASPX/CS)
ValidationExpression="\w+([-+.']\w+)*@\w+([-.]\w+)*\.\w+([-.]\w+)*">
Is it possible to exploit the above to drop a table for example or do anything malicious using a SQL injection?
Thanks
Regards
EDIT 1: People have asked me how this was implemented —
    using System.Data.SqlClient;

    // Handler name is assumed for context; the body is the posted code.
    protected void ButtonSubmit_Click(object sender, EventArgs e)
    {
        SqlConnection conn = new SqlConnection(snpConnectionString);
        SqlCommand command = conn.CreateCommand();
        conn.Open();
        // Every field, TextBoxEA included, is concatenated straight into the SQL text.
        command.CommandText = "INSERT INTO TABLE_ VALUES ('" + TextBoxFN.Text + "','" + TextBoxLN.Text + "','" + sb1.ToString() + "','" + TextBoxEA.Text + "','" + sb.ToString() + "',0,'" + DateTime.Now + "')";
        try
        {
            SqlDataReader reader = command.ExecuteReader();
        }
        catch
        {
            // Any SQL error (including a syntax error caused by the input) ends up here.
            Response.Redirect("Error.aspx", true);
        }
    }
TextBoxEA.Text corresponds to the email address.
Answer
Regular expression validation is great for the UI or business layer to check user input to prevent errors.
It is less great for preventing SQL injection.
If the code does not use parameterized queries, it is vulnerable either now, or later after someone makes a minor error updating the regular expression to conform to a new business requirement.
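The following is an added example, not code from the question or the answer. It takes the ValidationExpression from the question unchanged and runs the same INSERT two ways against an in-memory SQLite table: once by string concatenation, as in the posted C#, and once with parameters. The table and column names are constructed stand-ins for TABLE_, and Python's re.fullmatch is used as the analogue of the ASP.NET RegularExpressionValidator, which only passes input the pattern matches in full. The point it makes concrete is the answer's: the regex admits a single quote between word characters (it is there to allow names like o'brien), so a value that passes validation still reaches the SQL parser as SQL when concatenated, whereas the parameterized statement stores it as data.

```python
import re
import sqlite3

# The ValidationExpression from the question, copied verbatim.
EMAIL_RE = re.compile(r"\w+([-+.']\w+)*@\w+([-.]\w+)*\.\w+([-.]\w+)*")


def passes_validator(value: str) -> bool:
    """Approximates RegularExpressionValidator: the whole value must match."""
    return EMAIL_RE.fullmatch(value) is not None


def make_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    # Constructed stand-in for TABLE_; column names are assumptions, the
    # column order follows the VALUES list in the posted INSERT.
    conn.execute(
        "CREATE TABLE TABLE_ (fn TEXT, ln TEXT, sb1 TEXT, ea TEXT, sb TEXT, "
        "flag INTEGER, created TEXT)"
    )
    return conn


def insert_concatenated(conn, fn, ln, sb1, ea, sb, created):
    """Mirrors the posted C#: every value is pasted into the SQL text."""
    sql = ("INSERT INTO TABLE_ VALUES ('" + fn + "','" + ln + "','" + sb1
           + "','" + ea + "','" + sb + "',0,'" + created + "')")
    conn.execute(sql)


def insert_parameterized(conn, fn, ln, sb1, ea, sb, created):
    """Hardened form: the SQL text is constant, values travel separately."""
    conn.execute(
        "INSERT INTO TABLE_ VALUES (?, ?, ?, ?, ?, 0, ?)",
        (fn, ln, sb1, ea, sb, created),
    )


def stored_emails(conn):
    return [row[0] for row in conn.execute("SELECT ea FROM TABLE_")]


def demo(email: str) -> dict:
    """Run both inserts with the same email and report what happened to each."""
    result = {"passes_regex": passes_validator(email)}
    conn = make_db()
    fixed = ("Ann", "Example", "x", email, "y", "2024-01-01 00:00:00")
    try:
        insert_concatenated(conn, *fixed)
        result["concatenated"] = "inserted"
    except sqlite3.Error as e:
        # This is the path the posted code's bare catch turns into Error.aspx:
        # the quote in the email ended the string literal early.
        result["concatenated"] = "error: " + e.__class__.__name__
    insert_parameterized(conn, *fixed)
    result["parameterized"] = stored_emails(conn)
    return result


if __name__ == "__main__":
    print(demo("ann@example.com"))      # both inserts succeed
    print(demo("o'brien@example.com"))  # passes regex; concatenation fails, parameters work
```

In ADO.NET the parameterized form is `command.CommandText = "INSERT INTO TABLE_ VALUES (@fn, @ln, @sb1, @ea, @sb, 0, @created)"` followed by `command.Parameters.Add("@ea", SqlDbType.NVarChar, 254).Value = TextBoxEA.Text` for each placeholder, with `DateTime.Now` passed as a `SqlDbType.DateTime` parameter rather than formatted into the string. Two caveats worth remembering when reviewing this kind of code: a RegularExpressionValidator treats an empty control as valid unless a RequiredFieldValidator is also present, and the regex in the question covers only the email field, so whatever TextBoxFN and TextBoxLN contain is concatenated without it.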