10/10/2005: "David Litchfield has a good paper on SQL Injection methods"
David Litchfield has a good new paper out titled "Data-Mining With SQL Injection and Inference", which covers methods for extracting data from a database when it is not possible to get the data back through the same channel as the original query, or even via a separate channel such as email. The method David discusses is called inference, and the paper includes examples of SQL injection against SQL Server. It shows how the presence or value of data in the database might be inferred by altering the known output, by causing a web server error, or even by injecting a time delay into the application. This is a very interesting paper and well worth reading.