SQL injection attacks and countermeasures in PHP, and Cross-Site Request Forgery

University essay from Uppsala universitet/Institutionen för informationsteknologi

Author: Alexander Sabelström; [2023]

Abstract: Websites have become a vital tool for any establishment's success. However, not all users enter websites with good intentions. Two commonly seen website functionalities are a login system and the possibility for users to leave and read reviews. To evaluate the vulnerability of login systems to injection attacks, two SQL injection attacks bypassing authentication and one error-based SQL injection attack were executed. Three different countermeasures in PHP against these attacks were then evaluated: disallowing quotes in input, escaped statements, and parameterized queries. In addition, a malicious review was written to initiate a potential Cross-Site Request Forgery attack. Client-side input sanitizing, which only allowed letters, numbers, spaces and periods, was evaluated as a countermeasure. The attacks and countermeasures were implemented and evaluated by locally hosting a self-made website. We found that parameterized queries were the most effective in preventing SQL injection attacks. Additionally, the study revealed that initiating Cross-Site Request Forgery attacks was possible through the review functionality by redirecting users to a malicious website. Client-side input sanitizing was found to be an ineffective countermeasure against CSRF attacks.
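As an added illustration (not code from the essay itself), the following PHP script implements the three SQL injection countermeasures the abstract compares, applied to a login lookup against an in-memory SQLite table. The table, the stored user and the inputs are constructed for this example; the function names are assumptions, not identifiers from the essay.

```php
<?php
// Added example, not the essay's own code: the three PHP countermeasures named in
// the abstract, each used for a login lookup. Table, user and inputs are constructed.

$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec("CREATE TABLE users (username TEXT, password_hash TEXT)");
$pdo->prepare("INSERT INTO users VALUES (?, ?)")
    ->execute(["o'brien", password_hash('correct horse', PASSWORD_DEFAULT)]);

// Countermeasure 1: refuse any input that contains a quote character.
// Blocks quote-based injection, but also refuses legitimate names with apostrophes.
function findUserRejectQuotes(PDO $pdo, string $username): ?array {
    if (strpbrk($username, "'\"") !== false) {
        return null; // quote found: input refused before it reaches SQL
    }
    $row = $pdo->query("SELECT * FROM users WHERE username = '$username'")
               ->fetch(PDO::FETCH_ASSOC);
    return $row ?: null;
}

// Countermeasure 2: escape the input, then interpolate it into the SQL string.
// PDO::quote() adds the surrounding quotes and doubles any embedded quote.
function findUserEscaped(PDO $pdo, string $username): ?array {
    $quoted = $pdo->quote($username);
    $row = $pdo->query("SELECT * FROM users WHERE username = $quoted")
               ->fetch(PDO::FETCH_ASSOC);
    return $row ?: null;
}

// Countermeasure 3: parameterized query. The SQL text never contains user data;
// the value is bound separately, so it is always treated as data, never as syntax.
function findUserParameterized(PDO $pdo, string $username): ?array {
    $stmt = $pdo->prepare("SELECT * FROM users WHERE username = ?");
    $stmt->execute([$username]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row ?: null;
}

// Login succeeds only if a row is found and the password matches its stored hash.
function login(PDO $pdo, callable $lookup, string $username, string $password): bool {
    $row = $lookup($pdo, $username);
    return $row !== null && password_verify($password, $row['password_hash']);
}

// A legitimate user whose name contains an apostrophe, tried against each countermeasure.
foreach (['findUserRejectQuotes', 'findUserEscaped', 'findUserParameterized'] as $fn) {
    $result = login($pdo, $fn, "o'brien", 'correct horse') ? 'login ok' : 'login refused';
    echo str_pad($fn, 24), $result, PHP_EOL;
}
```

Run with `php` on a build that has the pdo_sqlite extension. The script shows the usability difference between the approaches: the quote-rejecting lookup refuses the legitimate user, while the escaped and parameterized lookups accept the apostrophe as ordinary data. The parameterized form is the one to prefer because it does not depend on the escaping rules of a particular driver or connection character set, and it keeps user input out of the query text entirely.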
