Summary

Many applications, especially Web-based ones, use databases to store user data. By using the information and techniques presented in this chapter, you should be able to identify places where your application uses user-supplied data and determine how you might be able to break out of a SQL statement to cause a SQL injection bug. From an attacker's perspective, SQL injection bugs are a prime target because they can lead to all types of attacks, such as database manipulation and system command execution. Also, injection bugs aren't limited to SQL: several other technologies have similar vulnerabilities if they allow malicious input to alter the logic of the application.



Hunting Security Bugs
ISBN: 073562187X
EAN: 2147483647
Year: 2004
Pages: 156
