Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

SQL Injection Attacks by Example

From: Steve Friedl <steve () unixwiz net>
Date: Sun, 2 Jan 2005 10:45:02 -0800
Hello listmates,

I've written what I think is a decent introduction to the topic, mainly
intended to "make real" the danger to a web developer who has heard of
the subject but not actually really dug in. I talk about a test where
I had to penetrate a web application, and it wasn't "just one step" -
the steps before compromise were mostly interesting too.

        Unixwiz.net Tech Tip: SQL Injection Attacks by Example
        http://www.unixwiz.net/techtips/sql-injection.html

Nothing here is new or groundbreaking, but I gave an onsite presentation
of this to the customer involved, and it seemed to be a fairly vivid
experience watching their application completely compromised right before
their eyes.

Happy New Year!

Steve

--- 
Stephen J Friedl | Security Consultant |  UNIX Wizard  |   +1 714 544-6561
www.unixwiz.net  | Tustin, Calif. USA  | Microsoft MVP | steve () unixwiz net
Previous By Date Next
Previous By Thread Next

Current thread: