Home page logo

basics logo Security Basics mailing list archives

Re: why most sql injection is not occurred at mysql?
From: "Brian Daniel Beck" <beckbria () msu edu>
Date: Tue, 23 Oct 2007 12:36:32 -0400

MontyRee writes:
Surely I have seen sql injection is occurred at mysql.
but in my short experience, most sql injection is occurred at ms-sql or oracle based not mysql. I don't know why.
Any idea?

First off, as you state, injection attacks for MySQL are certainly possible. If it is the case that Oracle and MS-SQL are more common targets, I would argue that it is because most databases worth exploiting (corporate sites, etc.) run on Oracle or other such databases rather than MySQL. -Brian Beck

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]