sql injections through orm
This commit is contained in:
parent
f58719ad6a
commit
a5459ae447
@ -0,0 +1,49 @@
# Object Relational Model (ORM)

Direct user input through the ORM may contain vulnerabilities we can exploit.
There are vulnerabilities similar to raw SQL queries, when not validating and
sanitizing properly.

During static code analysis, check the following vulnerable methods.

The payload is essentially the same as in pure SQL injections.

**Python Django**

```python
extra()
raw ()
```

**Node.js Sequelize**

```javascript
sequelize.query()
```

**PHP Eloquent ORM**

```PHP
whereRaw()
DB::raw()
```

**Ruby on Rails Active Record**

```ruby
where("name = '#{input}'")
```

**Java Spring Hibernate**

```Java
createQuery()
```

## Identify the Framework in Use

Check the website's cookies and HTTP headers. Review the page source and see if
you can find indicators like links and version numbers. Look for error messages
sent as a response to the queries.
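Review bot: the method names listed under each framework are not vulnerable on their own, and only the Rails entry shows the pattern a code reviewer actually needs to flag, untrusted input interpolated into the query string via `where("name = '#{input}'")`. The other blocks give bare names such as `extra()`, `raw()`, `sequelize.query()`, `whereRaw()` and `createQuery()`, all of which accept parameter bindings and are safe when input is passed that way instead of being concatenated into the SQL/HQL string; suggest showing the concatenated form beside the bound-parameter form for each framework so the "check the following vulnerable methods" guidance tells the reader what to look for inside the call, not just the call name. Minor: `raw ()` has a stray space before the parentheses, and the fence tags `PHP` and `Java` should be lowercase to match `python`, `javascript` and `ruby` in the same file.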