UtterAccess.com
X   Site Message
(Message will auto close in 2 seconds)

Welcome to UtterAccess! Please ( Login   or   Register )

Custom Search
 
   Reply to this topicStart new topic
> SQL Injection Attack On Db Front End, Access 2010    
 
   
SemiAuto40
post Mar 14 2019, 03:41 PM
Post#1



Posts: 695
Joined: 3-April 12
From: L.A. (lower Alabama)


I have a split DB with username and password controls on the login form. The DB backend is password protected during the database split action of Access. The user name (if valid) on the login form is used to retrieve the previously generated random Salt from the backend. The login form hashes the form password with the Salt and compares with that result to the previously stored result in the backend tbl_Employees. *The question is this: I recently made a new user registration form and want to know if there is a vulnerability there that ca be exploited?

Thanks in advance,
Go to the top of the page
 
Doug Steele
post Mar 14 2019, 08:47 PM
Post#2


UtterAccess VIP
Posts: 22,191
Joined: 8-January 07
From: St. Catharines, ON (Canada)


See whether SQL Injection for Microsoft Access helps.

--------------------
Doug Steele, Microsoft Access MVP (2000-2018)
Personal webpage
Microsoft profile
Co-author: Access Solutions: Tips, Tricks, and Secrets from Microsoft Access MVPs, published by Wiley
Co-author: Effective SQL: 61 Specific Ways to Write Better SQL, published by Addison-Wesley Professional
Technical Editor: Access 2010 Bible, Access 2013 Bible, Access 2016 Bible, all published by Wiley
Technical Editor: SQL Queries for Mere Mortals: A Hands-On Guide to Data Manipulation in SQL, 4th Edition, published by Addison-Wesley Professional
Go to the top of the page
 
SemiAuto40
post Mar 15 2019, 01:39 PM
Post#3



Posts: 695
Joined: 3-April 12
From: L.A. (lower Alabama)


Thank you Doug! I was looking to see if there was a way to do a SQL injection attack on my registration form which is not web based but on the company intranet. I will save the resource.
This post has been edited by SemiAuto40: Mar 15 2019, 01:40 PM
Go to the top of the page
 


Custom Search


RSSSearch   Top   Lo-Fi    16th September 2019 - 05:50 PM