New SQL Injection Whitepaper

From: Chris Anley (chris@ngssoftware.com)
Date: 01/31/02

Previous message: spi labs: "SPI Labs SQL Injection Whitepaper Available"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

From: "Chris Anley" <chris@ngssoftware.com>
To: <bugtraq@securityfocus.com>
Date: Thu, 31 Jan 2002 15:37:42 -0000

Hi folks,

I've just completed a Microsoft SQL Server 'injection' whitepaper, that can
be downloaded from

http://www.ngssoftware.com/papers/advanced_sql_injection.pdf

At least half of the sites I've audited have been vulnerable to some form of
SQL injection; I think it's important that people fully understand the
issues.

The paper contains information on a variety of attacks, including
second-order SQL injection, automation scripts and audit evasion. It also
discusses input validation and (briefly) secure builds. The intention is to
raise awareness of the rich variety of SQL injection attacks, in order to
encourage people to fix these issues in their applications.

Cheers,

-chris.

Previous message: spi labs: "SPI Labs SQL Injection Whitepaper Available"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Official release of SQL Power Injector 1.2
... One of the major improvements is an innovative way to optimize and accelerate the dichotomy in the Blind SQL injection, saving time/number of requests up to 25%. ... Also another great time saver is a new Firefox plugin that will launch SQL Power Injector with all the information of the current webpage with its session context. ... No more time wasted to copy paste the session cookies after you logged... ...
(Bugtraq)
Official release of SQL Power Injector 1.2
... One of the major improvements is an innovative way to optimize and accelerate the dichotomy in the Blind SQL injection, saving time/number of requests up to 25%. ... Also another great time saver is a new Firefox plugin that will launch SQL Power Injector with all the information of the current webpage with its session context. ... No more time wasted to copy paste the session cookies after you logged... ...
(Pen-Test)
Official release of SQL Power Injector 1.2
... One of the major improvements is an innovative way to optimize and accelerate the dichotomy in the Blind SQL injection, saving time/number of requests up to 25%. ... Also another great time saver is a new Firefox plugin that will launch SQL Power Injector with all the information of the current webpage with its session context. ... No more time wasted to copy paste the session cookies after you logged... ...
(Security-Basics)
Official release of SQL Power Injector 1.1
... I have the pleasure to announce that a new version of SQL Power Injector is now officially available on my web site: ... For now it is SQL Server, Oracle and MySQL compliant, but it is possible to use it with any existing DBMS when using the inline injection (Normal ... Response of the SQL injection in a customized browser ...
(Pen-Test)
[Full-disclosure] OTRS 1.x/2.x Multiple Security Issues
... OTRS, the Open Source Ticket Request System, is a trouble ... ranging from cross site scripting to SQL injection. ... A malicious user may be able to conduct blind SQL code ... an attacker may be able to exploit this issue. ...
(Full-Disclosure)