NE #11: The little Bobby Tables
Part 11 of the Nerd Encyclopedia about a nut with hacker skills…
Little Robert “Bobby” table is the subject of a comic by xkcd (a rather legendary collection of web comics by Randall Munroe). The comic about Bobby Tales is titled “Exploits of a Mom ” [XKCD2]. An exploit describes how to exploit a security vulnerability in computer systems. The comic is about a student whose mother gives her son the following name — of course only temporarily:
Robert’); DROP TABLE Students;
A special string is passed via an input mask to the system, which takes over it unchecked and is thus “coated” to an unwanted action. The goal does not necessarily have to be the deletion of data, and the retrieval of critical information such as passwords is also conceivable.
The moral of the story, which is addressed to the developers of input forms or database interfaces: Check the input of your users.
