SQL injection: Not Only AND 1=1 (updated)
by Bernardo Damele A. G., Computer Security Consultant at - on Jun 30, 2009
- 23,562 views
The presentation has a quick preamble on SQL injection definition, sqlmap and its key features. ...
The presentation has a quick preamble on SQL injection definition, sqlmap and its key features.
I will then illustrate into details common and uncommon problems and respective solutions with examples that a penetration tester faces when he wants to take advantage of any kind of web application SQL injection flaw on real world web applications, for instance SQL injection in ORDER BY and LIMIT clauses, single entry UNION query SQL injection, specific web application technologies IDS bypasses and more.
These slides have been presented at the 2nd Digital Security Forum in Lisbon on June 27, 2009.
Updated version of http://www.slideshare.net/inquis/sql-injection-not-only-and-11.
- Total Views
- Views on SlideShare
- Embed Views