
| Subject: | And More Advanced SQL Injection... |
|---|---|
| Date: | Tue, 21 Sep 2004 01:49:14 +0200 |
Good morning,

I'm proud to announce that a new White Paper has been released. The English version can be downloaded at: http://www.wisec.it/docs.php

Title: "...and More Advanced Sql Injection SiXSS, SiHRS and the Client Side SQL Injection"

Abstract:

How hard a vulnerability is SQL Injection? It is supposed to be a way of gaining server side information, executing arbitrary commands, gaining admin privileges in a web based forum and so on. In short, SQL Injection is supposed to be a server side vulnerability, but sometimes it could be a client side one too.

Public and home-made CMS (Content Management System) are widely used on web servers, for a lot of reasons; one reason for all is text and URL indexing and retrieving. This paper addresses a couple of alternative ways of using SQL Injection.

Let's suppose we are the developers of a CMS (Content Management System) and this CMS was used by a bank... Let's suppose we accidentally left a SQL Injection vulnerability on a page. But wait! No problem! We created a user with no file permissions and so on, no sensitive information on the database, no web forum and nothing left on the server... Some problems may still remain...

Hope you will enjoy it. Any comments will be appreciated.

Regards,
Stefano Di Paola

....----oOOo-------oOOo----....
Stefano Di Paola
Software Engineer
stefano.dipaola_at_wisec_dot_it
stefano.dipaola1_at_tin_dot_it
--------------------------------
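The client-side angle the abstract raises, as an added illustration that is not from the paper or the mail above: a CMS search page whose query is built by string concatenation and whose results are written into HTML unescaped lets the database return attacker-chosen markup to other users' browsers, even when the DB account is unprivileged and the tables hold nothing sensitive. The `articles` table, the two handler functions and the sample inputs are constructed for this demo (SQLite in memory); the hardened version parameterises the query and HTML-escapes every value before rendering.

```python
import html
import sqlite3


def make_db():
    """Constructed stand-in for the CMS's article index (no sensitive data)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE articles (id INTEGER PRIMARY KEY, title TEXT)")
    conn.executemany(
        "INSERT INTO articles (title) VALUES (?)",
        [("Opening hours",), ("Online banking FAQ",)],
    )
    return conn


def search_vulnerable(conn, term):
    """Vulnerable pattern: user input spliced into SQL, result rendered raw.

    Whatever the database returns (including a string the query was coerced
    into producing) ends up verbatim in the page served to the visitor.
    """
    sql = "SELECT title FROM articles WHERE title LIKE '%" + term + "%'"
    rows = conn.execute(sql).fetchall()
    return "".join("<li>%s</li>" % row[0] for row in rows)


def search_hardened(conn, term):
    """Fixed pattern: bound parameter for the query, escaping on output.

    The parameter cannot change the statement's structure, and html.escape
    neutralises markup in any value that does get rendered.
    """
    rows = conn.execute(
        "SELECT title FROM articles WHERE title LIKE ?", ("%" + term + "%",)
    ).fetchall()
    return "".join("<li>%s</li>" % html.escape(row[0]) for row in rows)


def demo():
    """Run both handlers on a normal term and on a constructed injection."""
    conn = make_db()
    normal = "FAQ"
    # Constructed input that appends a UNION so the DB returns markup.
    injected = "x' UNION SELECT '<b>injected</b>' --"
    return {
        "vulnerable_normal": search_vulnerable(conn, normal),
        "vulnerable_injected": search_vulnerable(conn, injected),
        "hardened_normal": search_hardened(conn, normal),
        "hardened_injected": search_hardened(conn, injected),
    }
```

The vulnerable handler returns `<li><b>injected</b></li>` for the constructed input while the hardened one returns an empty list, which is the behaviour to check for in a review of any search or indexing page that echoes query results.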