Journal article

ANTAL Lukáš, BARABAS Maroš and HANÁČEK Petr. Kompromitace dat pomocí SQL Injection, část III. DSM Data Security Management. 2014, vol. 18, no. 3, pp. 25-29. ISSN 1211-8737.
Publication language:czech
Original title:Kompromitace dat pomocí SQL Injection, část III.
Title (en):Data compromise by SQL Injection, part III.
Pages:25-29
Place:CZ
Year:2014
Journal:DSM Data Security Management, Vol. 18, No. 3, CZ
ISSN:1211-8737
Files: 
+Type Name Title Size Last modified
icon2014-01-DSM-SQLi-III.pdf788 KB2015-08-10 19:46:44
^ Select all
With selected:
Keywords
attack, compromise, injection, OWASP, SQL, validation, web
Annotation
In previous parts of this series it was described the possibility of abuse SQL Injection vulnerability to retrieve data from a database, reading local files from the disk and writing, invoking XSS and port scanning. In this final episode it will be shown that the SQL Injection implies even more serious risk than any previously described, and that is the possibility of compromise of the operating system level. In conclusion, the article will be also discuss possibilities of defense against this vulnerability.
BibTeX:
@ARTICLE{
   author = {Luk{\'{a}}{\v{s}} Antal and Maro{\v{s}} Barabas and Petr
	Han{\'{a}}{\v{c}}ek},
   title = {Kompromitace dat pomoc{\'{i}} SQL Injection,
	{\v{c}}{\'{a}}st III.},
   pages = {25--29},
   journal = {DSM Data Security Management},
   volume = {18},
   number = {3},
   year = {2014},
   ISSN = {1211-8737},
   language = {czech},
   url = {http://www.fit.vutbr.cz/research/view_pub.php?id=10732}
}

Your IPv4 address: 54.227.127.109
Switch to IPv6 connection

DNSSEC [dnssec]