SQL Injection Code Sample Run

2025-12-16 10:43:05 +01:00 · 2024-12-03 14:32:14 -08:00
parent 75ed1f7b00
commit a2466b0a2d
7 changed files with 315 additions and 111 deletions
--- a/SqlInjection-source.ql
+++ b/SqlInjection-source.ql
@@ -0,0 +1,22 @@
+/**
+ * @name SQLI Vulnerability
+ * @description Using untrusted strings in a sql query allows sql injection attacks.
+ * @kind problem
+ * @id workshop/sqlivulnerable
+ * @problem.severity warning
+ */
+
+import csharp
+
+/*
+ * 1. Identify the /source/ part of the
+ * : Console.ReadLine()?.Trim() ?? string.Empty;
+ * : read(STDIN_FILENO, buf, BUFSIZE - 1);
+ * expression, the =Console.ReadLine()= call.
+ */
+
+from MethodCall call
+where
+  call.getTarget().getDeclaringType().hasFullyQualifiedName("System", "Console") and
+  call.getTarget().getName() = "ReadLine"
+select call, "Source identified: " + call.toString()