Autarchy of the Private Cave

• Categories

  Select Category*nixAffiliate programsArtificial Intelligence   Agents   Machine learning   Robotics   TechnologiesBooksComparisonHardwarehow-toHumourKyivLifeLinksMiscMoviesNotepadPersonalProgramming   Ada   OS   PHP   Python   XHTML/CSSqotdRantScience   Bioinformatics   Systems BiologySocietySoftware   SecurityStartupsUkraineWeb   CMS   Drupal   WP PlugInsWelfare

• Tags list

  blog btrfs bug CMS convert data database Debian development drupal example ffmpeg FireFox fix free gallery2 git google HDD hosting how-to http linux microarray module mysql package performance PHP plugin problem project management Python R repository server shared hosting spam statistics tool Ukraine update upgrade windows wordpress

• Related entries

  1. SQL injection: RIAA example
  2. Drupal theme development: where to start
  3. WordPress and Google Analytics external nofollow problem in comment links
  4. Flash video in Drupal (links)
  5. Megahack of Stratfor

• Subscribe

  

  Subscribe to RSS feed.

  Desktop Reader Bloglines Feedly Live Netvibes Yahoo!

• Archives

  Select Month December 2022 October 2022 October 2018 August 2018 July 2018 September 2017 August 2017 February 2017 December 2016 June 2016 May 2016 April 2016 March 2016 February 2016 January 2016 December 2015 July 2015 May 2015 April 2015 March 2015 February 2015 October 2014 September 2014 August 2014 April 2014 March 2014 January 2014 December 2013 November 2013 October 2013 August 2013 July 2013 June 2013 August 2012 June 2012 May 2012 February 2012 January 2012 December 2011 October 2011 August 2011 May 2011 April 2011 March 2011 February 2011 January 2011 December 2010 November 2010 October 2010 September 2010 August 2010 July 2010 June 2010 May 2010 April 2010 March 2010 February 2010 January 2010 December 2009 November 2009 October 2009 September 2009 August 2009 July 2009 June 2009 May 2009 April 2009 March 2009 February 2009 January 2009 December 2008 November 2008 October 2008 September 2008 August 2008 July 2008 June 2008 May 2008 April 2008 March 2008 February 2008 December 2007 November 2007 October 2007 September 2007 August 2007 July 2007 June 2007 May 2007 April 2007 March 2007 February 2007 January 2007 December 2006 November 2006 October 2006 September 2006 August 2006 July 2006 June 2006

• Recent comments

  • JT on How to truncate git history (sample script included)
  • Charlotte Semaan on How to fix: Xiaomi Mi Band stopped tracking steps and sleep
  • SAM on How to fix: Xiaomi Mi Band stopped tracking steps and sleep
  • SY on Convert MySQL database from one encoding/collation into another
  • Bogdan on Citation and reference managers for Linux: short overview

• Meta

  • Log in

SQL injection walkthrough

11th May 2009

SecuriTeam has an old, but still very useful article on SQL injection.

I’ve created a PDF of that article, containing some of the comments (all the ‘thank-you’ and ‘help-me-hack’ comments were removed): sql injection walkthrough pdf download.

Note: there were no specific license terms attached to the article; I believe that the word “free” on the SecuriTeam site logo refers to the “right of free use and copying”. If you know this is not the case – please let me know to remove this PDF from public access. (see Brian’s comment)

This entry was posted on Monday, May 11th, 2009 at 15:41 and is filed under how-to, Links, Software, Web. You can follow any responses to this entry through the RSS 2.0 feed. You can skip to the end and leave a response. Pinging is currently not allowed.

3 Responses to “SQL injection walkthrough”

1. Brian Pearce Says:
   May 13th, 2009 at 0:06

   Hi,

   Your use of the article on SQL injection is fine.

   FYI: The term ‘free’ on our web site relates to having no cost.

   Your nice layout that includes our URL in the footer is good.

   Question: I’d like to find someone who would like to do a review on web site scanning tools. Do you know of anyone who does that kind of writing?

   Brian

2. Bogdan Says:
   May 13th, 2009 at 10:37

   Hi Brian,

   thanks for granting permission on the PDF version of the article.

   Unfortunately, I do not know anyone capable of both doing a review you want and then writing it.

   I would be interested in doing that myself, but I’m not really a specialist in web-security (despite being an experienced LAMP programmer), and still would expect some kind of a bonus/reward for this kind of effort If that sounds fine, then I might come up with a review of 2-4 tools within several weeks (testing them on my sites). Initial tool suggestions would be welcome then. Contact form sends an email right to my inbox.

3. Bogdan Says:
   May 18th, 2009 at 15:33

   sqlmap package has recently become available in Debian testing, and it performs automated SQL injection analysis.
   I’ve just installed it, might post later my experience using it.

Leave a Reply