SQL injection: Not only AND 1=1

by Computer Security Consultant at - on Mar 10, 2009

The presentation has a quick preamble on SQL injection definition, sqlmap and its key features.
I then illustrate in detail, with examples, the common and uncommon problems, and their respective solutions, that a penetration tester faces when he wants to take advantage of any kind of web application SQL injection flaw in real-world web applications, for instance SQL injection in ORDER BY and LIMIT clauses, single-entry UNION query SQL injection, IDS bypasses specific to web application technologies, and more.

These slides were presented at the Front Range OWASP Conference in Denver on March 5, 2009.
