Is Amazon SimpleDB Injection Attack Safe?
Posted on September 18th, 2009
I hope as a developer you are well aware of SQL Injection attacks and if you aren’t, you’re living under a pretty big rock :)
It occurred to me recently that, with more cloud-based database technologies coming into existence, I have yet to see any mention of this problem with those services. I think it definitely warrants a good amount of research.
Initially I'm going to focus my efforts on Amazon's SimpleDB service, since I'm actively using it. I'll post my findings and any techniques to prevent the issues I discover. Off the bat, I'm guessing you can't be too malicious, since a delete request cannot be embedded into a select request; however, unwanted results are never good, and a select looks like it could return more data than the developer was hoping for, as with a traditional attack.
If you have any thoughts on this or know of existing posts from other developers, please comment, or post them on the multicore site.
Filed under Software
One Response to “Is Amazon SimpleDB Injection Attack Safe?”
Chris Moschini Says:
February 17th, 2010 at 10:38 pm
It seems the following attack is viable on SimpleDB:
Text field value:
' or a is null or a = 1'
If you used this as part of the where clause without escaping single quotes, the quotes would escape your code's quotes and effectively eliminate all constraints on the data returned.
I’m not sure there are ways to inject more columns though, and there’s certainly no delete injection.
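The following is an added example, not code from the original post or from Chris Moschini's comment. It covers both the prevention technique the post promises to look into and the quote-breaking payload quoted in the comment: it builds a SimpleDB Select expression first by plain string concatenation and then with proper escaping, and it includes a small scanner that splits an expression into its quoted string literals the way the Select grammar does, so you can see where the untrusted text ends up. It assumes Amazon's documented SimpleDB Select quoting rules (values are single-quoted and an embedded single quote is written as two single quotes; attribute and domain names may be backtick-quoted with an embedded backtick doubled). The domain name mydomain and attribute a are constructed for the demonstration; no SimpleDB client or network call is involved.

```python
# Added example (not from the original post or the comment): quoting untrusted
# input for an Amazon SimpleDB Select expression, and showing why plain string
# concatenation breaks. Assumes the documented SimpleDB Select quoting rules:
#   value  -> 'text'      with an embedded ' written as ''
#   name   -> `name`      with an embedded ` written as ``
# Domain "mydomain" and attribute "a" are constructed sample names.


def escape_value(value: str) -> str:
    """Quote a string value for a Select expression, doubling embedded quotes."""
    return "'" + value.replace("'", "''") + "'"


def escape_identifier(name: str) -> str:
    """Quote an attribute or domain name with backticks, doubling embedded ones."""
    return "`" + name.replace("`", "``") + "`"


def unsafe_select(domain: str, attr: str, value: str) -> str:
    """The vulnerable pattern: untrusted input concatenated into the where clause."""
    return f"select * from {domain} where {attr} = '{value}'"


def safe_select(domain: str, attr: str, value: str) -> str:
    """Hardened form: every untrusted piece is quoted and escaped before insertion."""
    return (
        f"select * from {escape_identifier(domain)} "
        f"where {escape_identifier(attr)} = {escape_value(value)}"
    )


def split_literals(expr: str):
    """Scan expr as a Select parser tokenises single-quoted strings: a literal runs
    from one ' to the next unpaired ', and '' inside it decodes to '.
    Returns (decoded_literals, text_outside_literals). Only the quoting
    boundaries are emulated, not the rest of the grammar."""
    literals, outside = [], []
    i, n = 0, len(expr)
    while i < n:
        ch = expr[i]
        if ch != "'":
            outside.append(ch)
            i += 1
            continue
        i += 1                        # consume the opening quote
        buf = []
        while i < n:
            if expr[i] == "'":
                if i + 1 < n and expr[i + 1] == "'":
                    buf.append("'")   # doubled quote: a literal quote character
                    i += 2
                    continue
                break                 # unpaired quote closes the literal
            buf.append(expr[i])
            i += 1
        i += 1                        # consume the closing quote (if present)
        literals.append("".join(buf))
    return literals, "".join(outside)


# Constructed sample input: the payload quoted in the comment above.
PAYLOAD = "' or a is null or a = 1'"


if __name__ == "__main__":
    for label, builder in (("unsafe", unsafe_select), ("safe", safe_select)):
        expr = builder("mydomain", "a", PAYLOAD)
        lits, outside = split_literals(expr)
        print(f"{label}: {expr}")
        print(f"  string literals seen by the parser: {lits}")
        print(f"  text outside literals: {outside!r}")
```

Running the block shows the contrast: in the unsafe expression the scanner finds an empty literal and the text `or a is null or a = 1` sitting outside any quotes, where the parser would read it as extra conditions, while in the safe expression the whole payload survives as a single string literal and the where clause still compares `a` against exactly one value. The same doubling rule is what any hand-written SimpleDB query builder should apply to every user-supplied value before it reaches the Select string.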