5

I have an app, and the username field will convert any given value to the integer value using integer.parseint. The app uses JSP and Oracle database.

The URL has been tested with SQLMap and it is not dynamic. So, the only way I can try is via the login form, but I could not bypass it.

When I put ' or 1=1, -- ,the server return error, error for input string.

I want to inject the field, so, how can it be done?

I don't know whether I can use the alternate encoding because it will convert that to integer anyway.

Improve this question

1 Answer 1

Reset to default
6

It can't be done.

If the value is parsed as an integer, it can no longer contain any harmful code.

Improve this answer
Sign up to request clarification or add additional context in comments.

3 Comments

thnks.. i tried to provide the tautology in pwd field..i bypassed the login but i don't know where the id comes from and there is missing contents.. any other ways to use sqlia here?
However, that doesn't mean that the integer value that you're entering makes sense. You might still be able to enumerate all the values from that query using Direct Object Reference. Just because it's not vulnerable to SQL injection doesn't mean that it's not vulnerable to anything else. (Also, if it's parseDouble, there's a JVM race condition in Sun JVM's).
On the flip side, as a developer, this doesn't mean it's okay to not parameterize integer types in SQL statements: aside from being sloppy code, it also potentially means the SQL optimization engine won't re-use query plans as the parameters change. Some SQL implementations do have the ability to recognize and re-use plans for statements with in-line values (though support varies, and they may have problems with complex queries), but using parameters removes the question around this and reduces the work done on the SQL side.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.