SQL Injection Attacks by Example

Wednesday Jun 7th 2006 by DatabaseJournal.com Staff

There have been other papers on SQL injection, including some that are much more detailed, but this one shows the rationale of discovery as much as the process of exploitation.

[From Steve Friedl's Unixwiz.net Tech Tips ]

A customer asked that we check out his intranet site, which was used by the company's employees and customers. This was part of a larger security review, and though we'd not actually used SQL injection to penetrate a network before, we were pretty familiar with the general concepts. We were completely successful in this engagement, and wanted to recount the steps taken as an illustration.

The article continues at http://www.unixwiz.net/techtips/sql-injection.html

Mobile Site | Full Site
Copyright 2017 © QuinStreet Inc. All Rights Reserved