
SQL Injection - Defcon 17 advanced

Posted by VdoCity Monday, September 19, 2011

According to the OWASP Top 10 vulnerabilities of 2010, SQL injection is the most dangerous and most common vulnerability of all. A SQL injection vulnerability occurs due to improper or missing input validation, meaning the user input is not filtered (for example, by escaping characters) before being passed to the SQL database. A SQL injection attack can be carried out in any number of ways, but attacks are generally classified into 3 types:

1. In-band
2. Out of band
3. Inferential
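
The root cause described above, user input reaching the SQL database unfiltered, shown as an added example that is not part of the original post. It runs the same lookup three ways (unfiltered, escaped, bound parameter) against a constructed in-memory SQLite table; the table, function names and sample names are assumptions made for illustration.

```python
import sqlite3

def make_db():
    """Build a constructed in-memory table for the demonstration."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT)")
    conn.executemany("INSERT INTO users (name) VALUES (?)",
                     [("alice",), ("O'Brien",)])
    return conn

def find_unfiltered(conn, name):
    # Input is pasted into the statement text, so the database parses it as SQL.
    sql = "SELECT id, name FROM users WHERE name = '" + name + "'"
    return conn.execute(sql).fetchall()

def find_escaped(conn, name):
    # Escaping: double each single quote so it stays inside the string literal.
    # It works here, but every query site has to remember to do it.
    escaped = name.replace("'", "''")
    sql = "SELECT id, name FROM users WHERE name = '" + escaped + "'"
    return conn.execute(sql).fetchall()

def find_bound(conn, name):
    # Bound parameter: the value travels separately from the statement text.
    sql = "SELECT id, name FROM users WHERE name = ?"
    return conn.execute(sql, (name,)).fetchall()

def compare(name):
    """Run all three lookups for one input and collect rows or the SQL error."""
    conn = make_db()
    results = {}
    for label, fn in (("unfiltered", find_unfiltered),
                      ("escaped", find_escaped),
                      ("bound", find_bound)):
        try:
            results[label] = fn(conn, name)
        except sqlite3.OperationalError as exc:
            results[label] = "SQL error: %s" % exc
    conn.close()
    return results

if __name__ == "__main__":
    # Constructed inputs: one plain name, one containing a quote character.
    for sample in ("alice", "O'Brien"):
        print(sample, compare(sample))
```

A legitimate name containing a quote already changes how the unfiltered statement is parsed, which is the condition every class of SQL injection depends on; the bound-parameter version never lets the value reach the SQL parser.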

While browsing the Internet, I found an excellent presentation on advanced SQL injection techniques by John McCray. In this presentation, John McCray discusses some advanced SQL injection methods and issues such as IDS evasion, filter bypass, etc.

