Pete Finnigan's SQL Server Security Blog


October 2007


Tuesday, October 16th

Time based blind SQL Injection

Yesterday I got an email from Chema Alonso to tell me about his recent paper "Time-Based Blind SQL Injection with Heavy Queries". This is an excellent summary paper of the technique and includes an example of writing heavy (read: badly performing) queries and then controlling the execution of the badly performing part to test whether a value (any value) in the database is above or below a given value, using a Newton-Raphson-like technique. The idea is that, depending on whether the tested condition is TRUE or FALSE, the query takes either a long time or a short time to run. This means that the value can be arrived at based on the time the query takes to run. This enables SQL injection to be used where the data is not returned to the hacker but he can control the query sent and also view the time taken for the query to respond. Nice paper.
Pete on 10.16.07 @ 10:16 AM GMT [link]
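The timing signal described above is also what a defender can look for in web access logs: one client hitting one endpoint repeatedly, with response times that fall into two tight, widely separated groups. The following is an added example, not code from the paper or from this blog; the record layout, the thresholds and the sample data are assumptions constructed for illustration.

```python
from collections import defaultdict

def _rows(client, path, times):
    return [(client, path, t) for t in times]

# Constructed sample records: (client, path, response_seconds).
SAMPLE_LOG = (
    # Two tight clusters (about 0.1 s and about 5 s): the fast/slow pattern.
    _rows("203.0.113.7", "/item",
          [0.11, 5.2, 0.12, 5.3, 0.10, 5.1, 0.13, 0.12, 5.4, 0.11])
    # Ordinary traffic: timings vary smoothly, no clear split.
    + _rows("198.51.100.4", "/item",
            [0.10, 0.14, 0.22, 0.31, 0.18, 0.12, 0.40, 0.27, 0.16, 0.35])
    # A single slow outlier is not a pattern.
    + _rows("192.0.2.9", "/item",
            [0.10, 0.12, 0.11, 6.0, 0.13, 0.12, 0.10, 0.11])
)

def split_at_widest_gap(times):
    """Sort the timings and split them at the largest jump between neighbours."""
    s = sorted(times)
    i = max(range(1, len(s)), key=lambda k: s[k] - s[k - 1])
    return s[i] - s[i - 1], s[:i], s[i:]

def flag_timing_probes(records, min_requests=8, min_gap=2.0, min_side=2):
    """Return (client, path, n_fast, n_slow) for bimodal response-time groups.

    A group is flagged when both clusters hold at least min_side requests,
    the gap between them is at least min_gap seconds, and the gap is much
    larger than the spread inside either cluster.
    """
    groups = defaultdict(list)
    for client, path, secs in records:
        groups[(client, path)].append(secs)

    flagged = []
    for (client, path), times in groups.items():
        if len(times) < min_requests:
            continue
        gap, fast, slow = split_at_widest_gap(times)
        spread = max(fast[-1] - fast[0], slow[-1] - slow[0])
        if (len(fast) >= min_side and len(slow) >= min_side
                and gap >= min_gap and gap > 3 * spread):
            flagged.append((client, path, len(fast), len(slow)))
    return flagged

if __name__ == "__main__":
    for hit in flag_timing_probes(SAMPLE_LOG):
        print("possible timing-based probing:", hit)
```

The thresholds need tuning against real traffic, since endpoints with a cache hit/miss split can also produce two timing clusters.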

Wednesday, October 3rd

SQL Injection cheat sheet

Today I found a nice SQL Injection cheat sheet for MS SQL Server, MySQL, PostgreSQL and Oracle. The paper is quite comprehensive and covers a good spread of types of SQL injection attacks. It's also quite good that it tries to compare some of the attacks across different types of databases. If you primarily use SQL Server then take a look. The paper is called "SQL Injection Cheat Sheet".
Pete on 10.03.07 @ 10:00 AM GMT [link]