December 27, 2004

TrackBack

Listed below are links to weblogs that reference Tech Tip: SQL Injection Attacks by Example:

» SQL Injection Attacks by Example from David, A Random Things Developer
Steve Friedl has published a tech tip on SQL injection. Although this was done with MSSQL as the target, it is worth looking into since the same can be done with MySQL and others.

Comments

dmonnier

Excellent article Steve.

Chris

Steve,

I liked your article, but you never mentioned using regex to validate the user input. If you use regex, you can check the string the user entered and therefore easily determine if they have entered anything other than an email address [even though the email address may not be a valid address].

ABOUT STEVE

  • Steve Friedl is a software and network security consultant in Southern California. He has been a C and UNIX developer since 1981 and has an exceptionally broad background in this area. Some areas of expertise include:

    • C and C++ systems software development on the UNIX and Win32 platforms
    • Communications, including serial and TCP/IP based controllers
    • Enterprise internet security administration and configuration
    • Penetration tests, audits, and network reviews
    • Security forensics, reverse engineering, and tools development
    • General UNIX and Windows system/network administration
    • The Windows Printing System
    • Database software development
    • Technology problem solving and research
    • Technical writing and standup training

Unix Wiz

Stephen J. Friedl
Software Consultant
Orange County, CA USA
Steve@unixwiz.net