sql injections through orm
This commit is contained in:
parent
f58719ad6a
commit
a5459ae447
|
|
@ -0,0 +1,49 @@
|
||||||
|
# Object Relational Model (ORM)
|
||||||
|
|
||||||
|
Direct user input through the ORM may contain vulnerabilities we can exploit.
|
||||||
|
There are vulnerabilities similar to raw SQL queries, when not validating and
|
||||||
|
sanitizing properly.
|
||||||
|
|
||||||
|
During static code analysis, check the following vulnerable methods.
|
||||||
|
|
||||||
|
The payload is essentially the same as in pure SQL injections.
|
||||||
|
|
||||||
|
**Python Django**
|
||||||
|
|
||||||
|
```python
|
||||||
|
extra()
|
||||||
|
raw ()
|
||||||
|
```
|
||||||
|
|
||||||
|
**Node.js Sequelize**
|
||||||
|
|
||||||
|
```javascript
|
||||||
|
sequelize.query()
|
||||||
|
```
|
||||||
|
|
||||||
|
**PHP Eloquent ORM**
|
||||||
|
|
||||||
|
```PHP
|
||||||
|
whereRaw()
|
||||||
|
DB::raw()
|
||||||
|
```
|
||||||
|
|
||||||
|
**Ruby on Rails Active Record**
|
||||||
|
|
||||||
|
```ruby
|
||||||
|
where("name = '#{input}'")
|
||||||
|
```
|
||||||
|
|
||||||
|
**Java Spring Hibernate**
|
||||||
|
|
||||||
|
```Java
|
||||||
|
createQuery()
|
||||||
|
```
|
||||||
|
|
||||||
|
## Identify the Framework in Use
|
||||||
|
|
||||||
|
Check the website's cookies and HTTP headers. Review the page source and see if
|
||||||
|
you can find indicators like links and version numbers. Look for error messages
|
||||||
|
sent as a response to the queries.
|
||||||
|
|
||||||
|
|
||||||
Loading…
Reference in New Issue