SQL Injection Attacks by Example

From: Steve Friedl (steve@unixwiz.net)
Date: Sun Jan 02 2005 - 13:45:02 EST

• Next message: BillyBob: "To moderator - disregard my last post "what tools can verify...""
• Previous message: Alfred Huger: "Happy New Year!"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hello listmates,

I've written what I think is a decent introduction to the topic, mainly
intended to "make real" the danger to a web developer who has heard of
the subject but not actually really dug in. I talk about a test where
I had to penetrate a web application, and it wasn't "just one step" -
the steps before compromise were mostly interesting too.

        Unixwiz.net Tech Tip: SQL Injection Attacks by Example
        http://www.unixwiz.net/techtips/sql-injection.html

Nothing here is new or groundbreaking, but I gave an onsite presentation
of this to the customer involved, and it seemed to be a fairly vivid
experience watching their application completely compromised right before
their eyes.

Happy New Year!

Steve

---
Stephen J Friedl | Security Consultant | UNIX Wizard | +1 714 544-6561
www.unixwiz.net | Tustin, Calif. USA | Microsoft MVP | steve@unixwiz.net

• Next message: BillyBob: "To moderator - disregard my last post "what tools can verify...""
• Previous message: Alfred Huger: "Happy New Year!"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:11 EDT