SlideShare is now on Android. 15 million presentations at your fingertips.  Get the app

×
  • Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
 

Advanced SQL Injection Attack & Defenses

by Web Security at Portugal Telecom - SAPO on Nov 18, 2011

  • 1,371 views

The objective of this talk is to demonstrate how to subvert some SQLi (bad but popular) defenses and to show how to properly defend against SQLi attacks. ...

The objective of this talk is to demonstrate how to subvert some SQLi (bad but popular) defenses and to show how to properly defend against SQLi attacks.

We will cover topics such as:
- Blind SQLi attacks
- Timing SQLi attacks
- Encoding attacks
- How to subvert some filters
- How you should protect your code against SQLi attacks

Presented at Confraria Security & IT, 26/01/11 Lisbon

note: this is exactly the same talk as given in Codebits IV (2010), without the Codebits CTF qualifier explanation.
This talk was co-presented by me and Nuno Loureiro (http://www.slideshare.net/nuno.loureiro)

Statistics

Views

Total Views
1,371
Views on SlideShare
1,370
Embed Views
1

Actions

Likes
0
Downloads
49
Comments
0

1 Embed 1

http://www.linkedin.com 1

Accessibility

Categories

Upload Details

Uploaded via SlideShare as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
Post Comment
Edit your comment

Advanced SQL Injection Attack & Defenses Advanced SQL Injection Attack & Defenses Presentation Transcript