Penetration Testing mailing list archives
Re: SQL injection
From: Tim <tim-pentest () sentinelchicken org>
Date: Thu, 9 Jun 2005 21:45:14 -0400

> Detecting SQL injection with signatures alone, especially the relatively straightforward signatures used in most IDS and IPS systems, is difficult. While some SQL injection attacks would be detected, many others would not.

Yes, thank you for stating this. I am sure many IPS/IDSes are great for stopping a lot of attacks. I find it incredibly hard to believe that they stop all. It is far better to write good code in the first place.

To those people out there who recommended this or that IPS/IDS: Have you tested these against real attacks? Have you tried diligently to bypass them with obfuscation/fragmentation/etc?

tim