Dailydave mailing list archives
Re: Quick thread on SQLi
From: Mary Landesman <marylande () gmail com>
Date: Wed, 7 Mar 2012 12:31:36 -0500
Not all compromised sites are a result of SQLi. Actually, SQLi is a lower percent; most compromises today result from stolen FTP credentials, weak upload permissions, or leveraging pre-existing PHP backdoors left in other attacks.
-- Mary

On Mar 7, 2012, at 12:09 PM, allison nixon wrote:

> "Can be found remotely by someone with a minimum of time and effort" almost certainly means compromised and already distributing malware. So if there is any database of hacked sites as a percentage of legitimate sites... then there you have it.
>
> On Wed, Mar 7, 2012 at 11:01 AM, Dave Aitel <dave () immunityinc com> wrote:
>
>> I know it's been a decade, and everyone is sick of talking about SQLi, but nonetheless, I was chatting with a bunch of people about it at RSA and I wanted to throw out a metric to see if we can get consensus.
>>
>> The metric is this: How many websites have remote anonymous SQLi as a percentage. Obviously you're going to find more SQLi if you have authentication, or are doing static analysis on their code. But that's almost unfair. So let's just look at: "Can be found remotely by someone with a minimum of time and effort".
>>
>> My theory is 5%, and one of the companies who does this also thought 5% sounded reasonable.
>>
>> I think it's an interesting number to have, and if anyone wants to chime in, feel free!
>>
>> --
>> INFILTRATE 2013 January 10th-11th in Miami - the world's best offensive information security conference.
>> www.infiltratecon.com
>
> --
> _________________________________
> Note to self: Pillage BEFORE burning.

_______________________________________________
Dailydave mailing list
Dailydave () lists immunityinc com
http://lists.immunityinc.com/mailman/listinfo/dailydave
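Added illustration for readers of the archive, not part of any message in the thread: what "can be found remotely by someone with a minimum of time and effort" looks like in practice. The block below stands up a constructed in-memory SQLite catalogue with a handler that splices the search term into SQL next to one that binds it as a parameter, then runs the two cheapest unauthenticated checks a scanner sends (a lone quote for an error, and a tautology/contradiction pair for a boolean difference). All names, table contents and payloads here are assumptions made for the example; a real probe would compare HTTP status codes and response bodies rather than Python return values.

```python
import sqlite3
from typing import Callable, Dict, List


def make_db() -> sqlite3.Connection:
    """Constructed sample data; the third row is deliberately not public."""
    con = sqlite3.connect(":memory:")
    con.execute(
        "CREATE TABLE products (id INTEGER PRIMARY KEY, name TEXT, public INTEGER)"
    )
    con.executemany(
        "INSERT INTO products VALUES (?, ?, ?)",
        [(1, "widget", 1), (2, "gadget", 1), (3, "internal-prototype", 0)],
    )
    return con


def vulnerable_search(con: sqlite3.Connection, term: str) -> List[str]:
    # Classic bug: the request parameter is spliced into the SQL text.
    sql = "SELECT name FROM products WHERE public = 1 AND name LIKE '%" + term + "%'"
    return [row[0] for row in con.execute(sql)]


def safe_search(con: sqlite3.Connection, term: str) -> List[str]:
    # Bound parameter: the term is data, never SQL, whatever it contains.
    sql = "SELECT name FROM products WHERE public = 1 AND name LIKE ?"
    return [row[0] for row in con.execute(sql, ("%" + term + "%",))]


def _call(handler: Callable, con: sqlite3.Connection, term: str):
    """Return (error_occurred, rows). A database error here plays the role
    of the HTTP 500 a remote scanner would see."""
    try:
        return False, handler(con, term)
    except sqlite3.Error:
        return True, []


def probe(handler: Callable, con: sqlite3.Connection, baseline: str = "widget") -> Dict:
    """Low-effort, unauthenticated checks of the kind the metric counts.

    error_based:   a lone quote unbalances the query -> server error.
    boolean_based: two payloads differing only in tautology vs. contradiction
                   give different responses, so the input is evaluated as
                   part of the WHERE clause.
    leaked:        rows the tautology returned that the baseline did not;
                   for the vulnerable handler this includes the non-public row
                   because OR binds looser than the public = 1 AND ... filter.
    """
    err, _ = _call(handler, con, baseline + "'")
    _, base_rows = _call(handler, con, baseline)
    # The handler appends "%'" itself, so the payload leaves its last literal open.
    _, true_rows = _call(handler, con, baseline + "%' OR '1%'='1")
    _, false_rows = _call(handler, con, baseline + "%' OR '1%'='2")
    return {
        "error_based": err,
        "boolean_based": true_rows != false_rows,
        "leaked": sorted(set(true_rows) - set(base_rows)),
    }


if __name__ == "__main__":
    db = make_db()
    for label, fn in (("vulnerable_search", vulnerable_search), ("safe_search", safe_search)):
        print(label, probe(fn, db))
```

The parameterised handler treats the same payloads as nothing more than odd search strings, returns no rows and no error, and so produces no differential for the probe to key on; that indistinguishability, not input filtering, is what takes a site out of the numerator of the metric being discussed.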
Current thread:
- Quick thread on SQLi Dave Aitel (Mar 07)
- Re: Quick thread on SQLi allison nixon (Mar 07)
- Re: Quick thread on SQLi Mary Landesman (Mar 07)
- Re: Quick thread on SQLi Jamie Riden (Mar 07)
- Re: Quick thread on SQLi Tom Brennan (Mar 07)
- Re: Quick thread on SQLi Michal Zalewski (Mar 08)
- Re: Quick thread on SQLi Dave Aitel (Mar 08)
- Re: Quick thread on SQLi Thomas Ptacek (Mar 08)
- Re: Quick thread on SQLi Michal Zalewski (Mar 08)
- Re: Quick thread on SQLi Dean Pierce (Mar 09)
- Re: Quick thread on SQLi Wim Remes (Mar 09)
- Re: Quick thread on SQLi Thomas Ptacek (Mar 09)
- Re: Quick thread on SQLi Nate Lawson (Mar 09)
- Re: Quick thread on SQLi Dave Aitel (Mar 08)
- Re: Quick thread on SQLi allison nixon (Mar 07)