Before I even attempt doing anything in this direction, is it possible to enter a string and get it represented in ASCII? I am reading an article about XSS and SQL injections as part of a course that I am taking now, and one of the tips is that people in this area should have scripts that do two-way translation. I haven't used any scripts at all, so I wonder if it would be possible to do this in Java as well?

All 3 Replies

This might answer some of those questions.

I'm not exactly sure what you mean by converting it into ASCII. ASCII is just a way to assign characters values, and Java already represents normal strings in ASCII. If you want to get the value, you cast it (as mentioned above). I guess you can convert the value into a base 10 representation of the number in a string and save it (i.e., 'A' -> 65 -> "65") to try to prevent SQLi/XSS.

One of my favourite methods of preventing SQLi would be using Ascii85 though. Using this, you basically re-encode the data using SQL/XSS safe characters (and it has the advantage that it does not need escaping, and it does not need sanitizing). It's also useful for encoding any binary data as characters (though not as popular as base64).
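The cast-to-code conversion described in the reply above ('A' -> 65 -> "65"), its reverse, and an Ascii85 encoding of the same input, as an added Java example that is not part of the original thread. The class and method names are hypothetical, the sample input is constructed, and the Ascii85 routine is a simplified encoder written for illustration.

```java
import java.nio.charset.StandardCharsets;
public class AsciiCodes {
    // Text -> space-separated codes: "A" -> "65" (radix 10) or "41" (radix 16).
    static String toCodes(String text, int radix) {
        StringBuilder out = new StringBuilder();
        for (char c : text.toCharArray()) {
            if (c > 127) throw new IllegalArgumentException("not ASCII: U+" + Integer.toHexString(c));
            if (out.length() > 0) out.append(' ');
            out.append(Integer.toString(c, radix)); // a char widens to its numeric code
        }
        return out.toString();
    }

    // Codes -> text: "72 105" -> "Hi". Rejects values outside 0..127.
    static String fromCodes(String codes, int radix) {
        if (codes.trim().isEmpty()) return "";
        StringBuilder out = new StringBuilder();
        for (String token : codes.trim().split("\\s+")) {
            int value = Integer.parseInt(token, radix);
            if (value < 0 || value > 127) throw new IllegalArgumentException("not ASCII: " + token);
            out.append((char) value);
        }
        return out.toString();
    }

    // Ascii85, simplified: no <~ ~> delimiters and no 'z' shortcut for zero groups.
    static String ascii85(byte[] data) {
        StringBuilder out = new StringBuilder();
        for (int i = 0; i < data.length; i += 4) {
            int n = Math.min(4, data.length - i);
            long word = 0;
            for (int j = 0; j < 4; j++) word = (word << 8) | (j < n ? data[i + j] & 0xFF : 0);
            char[] group = new char[5];
            for (int j = 4; j >= 0; j--) { group[j] = (char) ('!' + word % 85); word /= 85; }
            out.append(group, 0, n + 1); // n input bytes produce n + 1 output characters
        }
        return out.toString();
    }

    public static void main(String[] args) {
        String sample = "O'Brien <b>"; // constructed sample input
        String dec = toCodes(sample, 10);
        System.out.println(dec + " | " + toCodes(sample, 16));
        System.out.println("round trip ok: " + fromCodes(dec, 10).equals(sample));
        System.out.println("Ascii85: " + ascii85(sample.getBytes(StandardCharsets.US_ASCII)));
        // The Ascii85 alphabet is '!'..'u', so quotes and angle brackets are inside it.
        for (char c : "'\"<>\\".toCharArray()) System.out.println(c + " in alphabet: " + (c >= '!' && c <= 'u'));
    }
}
```

Because the Ascii85 alphabet includes quote, backslash and angle-bracket characters, values encoded this way still need parameterized queries and output escaping.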

Thanks guys for answering :)
@Hiroshe, I am not trying to prevent SQLi/XSS but to simulate it. We have some vulnerable servers, but they have some filtering, so using base 10 or hex would be one of the solutions. I'll try to get some code running on this, thanks.
