SQL injection: Not only AND 1=1
by Bernardo Damele A. G. on Mar 10, 2009
- 47,967 views
The presentation has a quick preamble on SQL injection definition, sqlmap and its key features. ...
The presentation has a quick preamble on SQL injection definition, sqlmap and its key features.
I then illustrate into details common and uncommon problems and respective solutions with examples that a penetration tester faces when he wants to take advantage of any kind of web application SQL injection flaw on real world web applications, for instance SQL injection in ORDER BY and LIMIT clauses, single entry UNION query SQL injection, specific web application technologies IDS bypasses and more.
These slides have been presented at the Front Range OWASP Conference in Denver on March 5, 2009.
© All Rights Reserved
- Embed Views
- Views on SlideShare
- Total Views