< Day Day Up > |
Having addressed Unix and Windows attacks in general, we will now briefly touch on the exciting, multi-platform area of attacking databases via SQL injection. This chapter covers various database attack methods and defense approaches and culminates in a real-life SQL injection attack against PHP-Nuke, a database-driven [1] open source web site framework that has displayed many of the flaws we describe.
|
< Day Day Up > |