5 Links from Around the Web (2007-05-25)
Friday, May 25th, 2007
Links to interesting, educational, informational, or just plain fun websites…
Posts Tagged ‘sql-injection’
Indirect Privilege Escalation And Defeating Virtual Private Databases
Monday, January 29th, 2007
David Litchfield has just published two chapters from his book The Oracle Hacker’s Handbook: Hacking and Defending Oracle.
Indirect Privilege Escalation (PDF)
In this chapter, David gives two examples, one with CREATE ANY TRIGGER and another with CREATE ANY VIEW to demonstrate how these privileges can be abused to gain DBA privileges. In fact, a user who […]
links for 2006-10-06
Friday, October 6th, 2006
Everything you wanted to know about SQL injection
Review of several types of SQL injection attacks and how they occur and what web developers and end users can do to prevent them.
[…]
Indirect Privilege Escalation And Defeating Virtual Private Databases
Monday, January 29th, 2007
David Litchfield has just published two chapters from his book The Oracle Hacker’s Handbook: Hacking and Defending Oracle.
Indirect Privilege Escalation (PDF)
In this chapter, David gives two examples, one with CREATE ANY TRIGGER and another with CREATE ANY VIEW to demonstrate how these privileges can be abused to gain DBA privileges. In fact, a user who […]
links for 2006-10-06
Friday, October 6th, 2006
Everything you wanted to know about SQL injection Review of several types of SQL injection attacks and how they occur and what web developers and end users can do to prevent them. […]
Hope everything is working out...
