Tag Archive | "hacking"

Tags: ,

SQL injection and Amazing Hacking Issue


Even had a generic code, how do hacker find victim quickly? The answer is  Google search

– try "inurl:login.asp" / "inurl:search.asp" and yiu will see. Beside, there is some more reference on SQL injection:

General Prevention
http://blogs.ittoolbox.com/windo … ection-attack-15364

ASP.NET prevention
http://msdn.microsoft.com/en-us/library/bb355989.aspx

ASP Filter
http://blogs.iis.net/nazim/archi … om-classic-asp.aspx

General Hacking
http://www.acunetix.com/websitesecurity/sql-injection.htm
http://www.informit.com/articles … 170880&seqNum=3

PHP +MySQL Hacking
http://www.tizag.com/mysqlTutorial/mysql-php-sql-injection.php

Demo of SQL injection and the way to prevent it
http://www.sitepoint.com/article/sql-injection-attacks-safe

Time-delayed blind sql injection
http://www.microsoft.com/technet … /secmvp/sv0907.mspx
http://www.ngssoftware.com/papers/more_advanced_sql_injection.pdf

Massive injection
http://hackademix.net/2008/04/26/mass-attack-faq/
http://blogs.iis.net/bills/archi … is-web-servers.aspx

Cheat sheet
http://michaeldaw.org/sql-injection-cheat-sheet/

Share

Posted in SQL ServerComments (3)