RSS FullRecent Posts
Recent Comments
- luca on XSS in mysql_error()
- Jacob Tuscon on SQL Power Injector 1.2 released - TechRepublic
- MySQL Security » MySQL Security Update Fixes Restrictions Bypass and Library … on MySQL Security Update Fixes Restrictions Bypass and Library ...
Browse by Tag
ajax blog blog archive categories code css database database security databases development exploit flat guitar hosting injection internet javascript Links linux menu mysql MySQL Security network new news password perl mysql php php mysql security programming query really simple syndication registerwidget search security select seo server software sql sql injection technology update utf vulnerability web widgetinfo widgetmanager wordpress xml2 Interesting SQL Vectors.
Filed under modified, examples, benchmark, benchmarkmdxnull, ifpassword, select, injection
Like these examples I modified to work in a real SQL injection: SELECT IF(password > ‘1′, BENCHMARK(1000000,MD5(’x’)),null) FROM test SELECT IF(password > ‘09′, BENCHMARK(1000000,MD5(’x’)),null) FROM test SELECT IF(password > ‘09a’, …
Original post:
2 Interesting SQL Vectors.
June 26th, 2007. Comment now »
