Seven Deadliest Web Application Attacks by Mike Shema

Breaking the Query

The simplest way to check for SQL injection is to append a single quote to a parameter. If the Web site responds with an error message, then at the very least it has inadequate input filtering and error handling. At worst, it will be trivially exploitable. (Some Web sites go so far as to place the complete SQL query in a URI parameter, for example, view.cgi?q=SELECT+name+FROM+db.users+WHERE+id%3d97. Such poor design is clearly insecure.) The single quote will not always work, nor can the tester rely on the site to display friendly error messages. This section describes different methodologies for identifying SQL injection vulnerabilities.
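The single-quote probe described above, reproduced against an in-memory SQLite database so it runs offline. This is an added example, not code from Shema's book: the users table, its rows, and the three view_user handlers are constructed here for illustration. The handlers stand in for a page like view.cgi?id=97, once built by splicing the parameter into the query, once with the same flaw but database errors suppressed, and once with a bound parameter. The probe function applies the tester's logic: request the baseline value, request it again with a trailing quote, and classify the outcome.

```python
import sqlite3


def build_db() -> sqlite3.Connection:
    """Constructed sample data standing in for the site's user table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)",
                     [(97, "alice"), (98, "bob")])
    conn.commit()
    return conn


def view_user_vulnerable(conn, user_id):
    # Hypothetical handler behind something like view.cgi?id=97: the URI
    # parameter is spliced into the query text. A trailing quote becomes an
    # unterminated string literal and the database raises an error.
    query = f"SELECT name FROM users WHERE id = {user_id}"
    return [row[0] for row in conn.execute(query)]


def view_user_vulnerable_silent(conn, user_id):
    # Same flaw, but the application swallows database errors and returns an
    # empty page. This is the case where a bare single quote tells the tester
    # little, because no error message ever reaches the client.
    try:
        return view_user_vulnerable(conn, user_id)
    except sqlite3.Error:
        return []


def view_user_safe(conn, user_id):
    # Bound parameter: the quote is data, not SQL syntax. SQLite applies the
    # column's numeric affinity to "97" so the lookup still matches; "97'" is
    # not a number, so it simply matches nothing.
    return [row[0] for row in
            conn.execute("SELECT name FROM users WHERE id = ?", (user_id,))]


def probe(handler, conn, value):
    """Request the baseline value, then the same value with a trailing single
    quote, and classify the result the way a tester reads an HTTP response.
    Returns (verdict, detail) with verdict in {'error', 'same', 'ambiguous'}.
    """
    baseline = handler(conn, value)
    try:
        probed = handler(conn, value + "'")
    except sqlite3.Error as exc:
        # A database error reaching the client: the quote hit the SQL parser.
        return ("error", f"{type(exc).__name__}: {exc}")
    if probed == baseline:
        return ("same", "quote had no visible effect; likely filtered or unused")
    # Changed response, no error: could be parameterized, could be suppressed
    # errors. The single quote alone cannot distinguish these two.
    return ("ambiguous", "response changed without an error; needs further probing")


if __name__ == "__main__":
    conn = build_db()
    for label, handler in [("vulnerable", view_user_vulnerable),
                           ("vulnerable, errors hidden", view_user_vulnerable_silent),
                           ("parameterized", view_user_safe)]:
        print(f"{label:26s} -> {probe(handler, conn, '97')}")
```

The third case is the point of the caveat in the text: the parameterized handler and the error-hiding vulnerable handler produce the same verdict, so a changed-but-error-free response is a prompt to keep probing, not a clean bill of health.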

Breaking Naive Defenses

Databases, like Web sites, support many character sets. Character ...