Penetration Testing mailing list archives

Re: [PEN-TEST] database security
From: Nicolas Gregoire <nicolas.gregoire () 7THZONE COM>
Date: Tue, 29 Aug 2000 20:23:09 +0200

Please first excuse my (so poor) English ...

David Jahne wrote:

> do you know any site which has some whitepapers about database security
> issues especially on MS SQL, Oracle and
> Sybase.

There are DB vulns (like the 'sa' password) and SQL hacking which is the
same (or nearly the same) on all SQL databases.

For example :

insert into test values
("","My Name","My Nick","My Password","My Address",100)

should insert a record for a member of the target web site, with a value
of 100 meaning "Normal User" (500 are for "Admin" account)

So a SQL-hacker can send in your form :
name = evil
nick = 31337
pass = haha
address = 33, avenue des Lilas",500) #

which is executed like :

insert into test values
("","evil","31337","haha","33, avenue des Lilas",500) #,100)

In MySQL, # or -- tell the DB engine not to look after them.
So, looking at the DB, your evil-hacker is "Admin"

This is a very dummy technique.

I'm actually writing a paper on Perl/MySQL security problems, and I will
release it to the list if it can help you ...
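
An added example, not part of the original post: the insert from the message built by string concatenation, next to the same insert with bound parameters. It runs on Python's built-in sqlite3 instead of MySQL, so the constructed form input uses single quotes and `--` where the post uses double quotes and `#`; the function names and the table schema are assumptions.

```python
import sqlite3

NORMAL_USER = 100  # privilege level from the post (500 is "Admin")

def make_db():
    # Assumed schema for the post's "test" table
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE test (id INTEGER PRIMARY KEY, name TEXT, nick TEXT,"
               " pass TEXT, address TEXT, level INTEGER)")
    return db

def register_vulnerable(db, name, nick, password, address):
    # Form fields are pasted into the SQL text, so a quote inside a field
    # ends the string literal and the rest of the field is parsed as SQL.
    sql = ("INSERT INTO test VALUES (NULL,'%s','%s','%s','%s',%d)"
           % (name, nick, password, address, NORMAL_USER))
    db.execute(sql)

def register_parameterized(db, name, nick, password, address):
    # Placeholders keep the values out of the statement text; the engine
    # stores them as data and the level is always the server's constant.
    db.execute("INSERT INTO test VALUES (NULL,?,?,?,?,?)",
               (name, nick, password, address, NORMAL_USER))

# Constructed form input: the post's address field adapted to SQLite syntax
FORM = dict(name="evil", nick="31337", password="haha",
            address="33, avenue des Lilas',500) --")

def demo():
    # Run the same form input through both code paths on a fresh database
    results = {}
    for label, register in (("vulnerable", register_vulnerable),
                            ("parameterized", register_parameterized)):
        db = make_db()
        register(db, **FORM)
        results[label] = db.execute(
            "SELECT address, level FROM test WHERE name = ?", ("evil",)).fetchone()
    return results

if __name__ == "__main__":
    for label, (address, level) in demo().items():
        print(f"{label:14} level={level} address={address!r}")
```

With bound parameters the whole address field, quote and comment marker included, is stored as the address and the row keeps level 100.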

