Chapter 16. SQL Injection

 <  Day Day Up  >  

Having addressed Unix and Windows attacks in general, we will now briefly touch on the exciting, multi-platform area of attacking databases via SQL injection. This chapter covers various database attack methods and defense approaches and culminates in a real-life SQL injection attack against PHP-Nuke, a database-driven [1] open source web site framework that has displayed many of the flaws we describe.

[1] "Database-driven" is used to specify an application linked to a backend database for data storage, authentication, and other purposes.

 <  Day Day Up  >  


Security Warrior
Security Warrior
ISBN: 0596005458
EAN: 2147483647
Year: 2004
Pages: 211

Similar book on Amazon

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net