In this article we will learn how to handle user input properly to avoid a range of attacks on a web application.
Most web applications are interactive: to access all of their features a user needs a login ID and password. A typical login form looks like the image shown below.
Here comes the main risk: an attacker can craft malicious input that makes the web application behave in an unintended way. That input may let the attacker log in as admin, or it may reveal information stored in the database. So while developing this kind of authentication form the developer must never treat the raw text typed into the form as trusted. The symbols and words an attacker uses are listed below; knowing them is the first step, but the sections that follow also show why simply blocking them is not enough.
Common things an attacker uses
Let's take SQL injection as the example; it may allow an attacker to fetch useful information from the database. Very basic SQLi payloads typed into a login form look like:
1' or '1'='1'#
1' or '1'='1'--
1' or 1=1#
1' or 1=1 --
These four payloads are enough to break authentication if user input is handled very poorly. The leading quote closes the string literal the developer wrote, `or '1'='1'` (or `or 1=1`) makes the WHERE clause always true, and the trailing `#` (MySQL only) or `--` (standard SQL; MySQL requires a space after it) comments out the rest of the query, including the password check.
More elaborate payloads use ordinary SQL keywords such as select, null, information_schema, order by, etc.
Many developers respond by blacklisting these words and symbols. That is a useful tripwire, but it is not the fix: the reliable defense is to pass user input to the database as bound parameters (prepared statements), so the input is only ever compared as a value and is never parsed as part of the SQL text.
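The following is an added example, not code from the original article: a constructed in-memory SQLite user table with two login functions, one that builds the query by string formatting and one that uses bound parameters. The table, the user `admin`/`s3cr3t` and the function names are assumptions of this example. SQLite does not understand the MySQL `#` comment, so the demo uses the `--` payloads from the list above.

```python
import sqlite3


def build_db():
    """Constructed sample database: one user, stored in memory (an assumption of this example)."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password TEXT)"
    )
    conn.execute("INSERT INTO users (username, password) VALUES ('admin', 's3cr3t')")
    conn.commit()
    return conn


def login_vulnerable(conn, username, password):
    """Builds the SQL by string formatting: the user's text becomes part of the query grammar.

    With username = "1' or '1'='1'--" the query becomes
      SELECT id FROM users WHERE username = '1' or '1'='1'--' AND password = '...'
    so the password check is commented away and the first row is returned.
    """
    query = (
        f"SELECT id FROM users WHERE username = '{username}' "
        f"AND password = '{password}'"
    )
    return conn.execute(query).fetchone() is not None


def login_parameterized(conn, username, password):
    """Passes the input as bound parameters: the driver compares it as a value only."""
    query = "SELECT id FROM users WHERE username = ? AND password = ?"
    return conn.execute(query, (username, password)).fetchone() is not None


if __name__ == "__main__":
    conn = build_db()
    payload = "1' or '1'='1'--"  # one of the payloads listed above
    print("vulnerable, injected username, wrong password:",
          login_vulnerable(conn, payload, "wrong"))        # True: authentication bypassed
    print("parameterized, same payload:",
          login_parameterized(conn, payload, "wrong"))     # False: payload is just a username
    print("parameterized, real credentials:",
          login_parameterized(conn, "admin", "s3cr3t"))    # True
```

Note that the parameterized version needs no blacklist at all: the quote and the `--` are harmless because they never reach the SQL parser. A blacklist would also have rejected a legitimate user whose surname contains an apostrophe.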
Now let's think about the XSS vulnerability, where an attacker can use a very simple test to check for it: <script>alert("XSS")</script>. Developers often react by blocking HTML and JavaScript in the input, but that is not the only case, because there are many other strings that trigger XSS; the reliable defense is to encode user input for the context it is written into (for HTML text, entity-encode <, >, &, " and '), so that whatever the user typed is rendered as text rather than interpreted as markup. XSS is often ranked below SQL injection because the payload runs in the victim's browser rather than on the server, but it directly affects users. JavaScript running in the page cannot read the user's files, yet it can do anything the user can do on that site. An attacker can also steal cookies (unless the session cookie is marked HttpOnly, which keeps it out of reach of script), and once stolen they can be used to impersonate the victim, because there are many ways for the injected script to send them to the attacker's own server.
Common things used by attackers to test for the XSS vulnerability:
JavaScript event handler attributes (such as onerror and onload)
and many more variations of these.
Here is another trick an attacker can use to bypass the filter the developer applied: inserting a NULL byte before the blocked expression can cause some filters to stop processing there (typically filters written in C or calling into C libraries, where a NUL terminates the string), while the browser or database behind them still sees the full payload. %00<script>alert("XSS")</script> is a basic example of testing for XSS in this way.
Some extra info.
Sometimes developers think that blocking some common keywords will prevent any attack, but that is not the actual scenario. Attackers can also submit an encoded form of the payload, for example URL-encoded or base64-encoded, so the blacklist never sees the literal keyword; the encoded text is then decoded again before it runs (URL encoding is decoded by the server, and a small piece of JavaScript can decode a base64 string and evaluate it). So there are many ways to exploit a web application, and a filter that checks the raw input without first decoding it to the form the consumer will see is checking the wrong thing. You must think like a hacker to protect the web application from a hacker.
This is a very small guide on handling user input. Handling user input is a major part of web application security, because these days we can't trust any kind of user input.
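The following is an added example written for this article, not code from the original page, covering the XSS, NULL-byte and encoding points above. It models a keyword blacklist (the approach the article warns about), shows it being bypassed by URL-encoded and base64-encoded versions of the same payload, shows a canonicalization step (decode, then strip NUL bytes) that makes the blacklist see what the browser will see, and contrasts reflecting text raw with HTML-entity encoding it. The blocked-word list, the function names and the sample payloads are constructed for this example.

```python
import base64
import html
from urllib.parse import unquote

# Constructed blacklist for the demo; real filters are longer but fail the same way.
BLOCKED = ("<script", "onerror", "javascript:")


def blacklist_allows(value):
    """The keyword-blocking approach. Returns True if the input would be accepted."""
    lowered = value.lower()
    return not any(word in lowered for word in BLOCKED)


def canonicalize(raw):
    """Decode the input the way the consumer will and drop NUL bytes.

    A filter that runs before this step checks different bytes from the ones
    the browser or database will actually interpret.
    """
    decoded = unquote(raw)          # %3C -> '<', %00 -> '\x00'
    return decoded.replace("\x00", "")


def render_vulnerable(comment):
    """Reflects user text straight into the page: markup in the text becomes markup."""
    return f"<p>{comment}</p>"


def render_escaped(comment):
    """Encodes for the HTML text context: <, >, &, \" and ' become entities, so tags are inert."""
    return f"<p>{html.escape(comment, quote=True)}</p>"


def decode_base64_payload(encoded):
    """What an attacker's decoding stub does before evaluating the real payload."""
    return base64.b64decode(encoded).decode()


if __name__ == "__main__":
    payload = '<script>alert("XSS")</script>'
    url_encoded = "%3Cscript%3Ealert(%22XSS%22)%3C/script%3E"
    null_prefixed = "%00" + payload
    b64 = base64.b64encode(payload.encode()).decode()

    print("plain payload allowed by blacklist:", blacklist_allows(payload))        # False
    print("URL-encoded payload allowed by blacklist:", blacklist_allows(url_encoded))  # True
    print("after canonicalize:", blacklist_allows(canonicalize(url_encoded)))     # False
    print("base64 payload allowed by blacklist:", blacklist_allows(b64))          # True
    print("decoded base64 ==", decode_base64_payload(b64) == payload)             # True
    print("NUL-prefixed, canonicalized:", canonicalize(null_prefixed) == payload) # True
    print(render_vulnerable(payload))   # script tag reaches the page as markup
    print(render_escaped(payload))      # &lt;script&gt;... reaches the page as text
```

The point of the last two lines is that `render_escaped` does not need to know any of the payloads: entity encoding at the output makes the blacklist unnecessary for this context, in the same way bound parameters make it unnecessary for SQL.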