Journal article

ANTAL Lukáš, BARABAS Maroš and HANÁČEK Petr. Kompromitace dat pomocí SQL Injection, část II. DSM Data Security Management. 2014, vol. 18, no. 2, pp. 32-35. ISSN 1211-8737.
Publication language:czech
Original title:Kompromitace dat pomocí SQL Injection, část II.
Title (en):Data compromise by SQL Injection, part II.
Pages:32-35
Place:CZ
Year:2014
Journal:DSM Data Security Management, Vol. 18, No. 2, CZ
ISSN:1211-8737
Files: 
+Type Name Title Size Last modified
icon2014-01-DSM-SQLi-II.pdf603 KB2015-08-12 09:37:33
^ Select all
With selected:
Keywords
attack, compromise, injection, OWASP, SQL, validation, web
Annotation
In previous work we described the classic SQL Injection exploits used for theft or modification of database data. After discovery of SQL injection in application, the goals of attacker do not have to stay only in database. The attacker can try with SQL Injection to read files on the local disk and even write to the disk, it may carry out an attack through XSS (Cross Site Scripting) and scan ports on the internal network.
BibTeX:
@ARTICLE{
   author = {Luk{\'{a}}{\v{s}} Antal and Maro{\v{s}} Barabas and Petr
	Han{\'{a}}{\v{c}}ek},
   title = {Kompromitace dat pomoc{\'{i}} SQL Injection,
	{\v{c}}{\'{a}}st II.},
   pages = {32--35},
   journal = {DSM Data Security Management},
   volume = {18},
   number = {2},
   year = {2014},
   ISSN = {1211-8737},
   language = {czech},
   url = {http://www.fit.vutbr.cz/research/view_pub.php?id=10667}
}

Your IPv4 address: 54.198.143.210
Switch to IPv6 connection

DNSSEC [dnssec]