Entity SQL Injection Attacks
Entity SQL Injection Attacks
Entity SQL Injection Attacks
http://www.entityframeworktutorial.net/
https://docs.microsoft.com/en-us/dotnet/framework/data/adonet/ef/security-considerations
You should use parameterized queries instead of injecting literals from an external agent
directly into the query.
You should also consider using query builder methods to safely construct Entity SQL.
connectionString = string.Format("server=localhost;uid={0};pwd={1}",
usr.Text, pwd.Text);
The following security considerations apply when querying a conceptual model. These
considerations apply to LINQ queries using OpenAccessContext.
Applications frequently take external input (from a user or another external agent) and perform
actions based on that input. Any input that is directly or indirectly derived from the user or an
external agent might have content that uses the syntax of the target language in order to perform
unauthorized actions. When the target language is a Structured Query Language (SQL), such as
Transact-SQL, this manipulation is known as a SQL injection attack. A malicious user can inject
commands directly into the query and drop a database table, cause a denial of service, or
otherwise change the nature of the operation being performed.
SQL injection attacks - SQL injection attacks can be performed in SQL by supplying
malicious input to values that are used in a query predicate and in parameters names. To
avoid the risk of injection, you should never combine user input with SQL command text.
LINQ to OpenAccessContext injection attacks - although query composition is
possible in LINQ to OpenAccessContext, it is performed through the object model API.
Unlike SQL queries, LINQ to OpenAccessContext queries are not composed by using
string manipulation or concatenation, and they are not susceptible to traditional SQL
injection attacks.
A very large result set could cause the client system to shut down if the client is performing
operations that consume resources proportional to the size of the result set. Unexpectedly large
result set can occur under the following conditions:
In queries against a large database that do not include appropriate filter conditions.
In queries that create Cartesian joins on the server.
In nested queries.
When accepting user input, you must make sure that input cannot cause result sets to become
larger than what the system can handle. You can also use the Take method in LINQ to limit the
size of the result set.
Avoid returning IQueryable results when exposing methods to potentially untrusted callers
Avoid returning IQueryable types from methods that are exposed to potentially untrusted callers
for the following reasons:
A consumer of a query that exposes an IQueryable type could call methods on the result
that expose secure data or increase the size of the result set. For example, consider the
following method signature:
https://dotnetcoretutorials.com/2017/10/11/owasp-top-10-asp-net-core-sql-injection/
https://vulncat.fortify.com/en/detail?id=desc.dataflow.dotnet.connection_string_parameter_pollution#
Ruby
https://www.hacksplaining.com/prevention/sql-injection
https://www.sitepoint.com/how-to-protect-your-website-against-sql-injection-attacks/
http://www.unixwiz.net/techtips/sql-injection.html
https://www.dofactory.com/topic/1743/prevent-sql-injection-in-c.aspx