Free Advertising Forums | Free Advertising Board | Post Free Ads Forum | Free Advertising Forums Directory | Best Free Advertising Methods | Advertising Forums

Free Advertising Forums | Free Advertising Board | Post Free Ads Forum | Free Advertising Forums Directory | Best Free Advertising Methods | Advertising Forums (http://www.freeadvertisingzone.com/index.php)
-   Other (http://www.freeadvertisingzone.com/forumdisplay.php?f=46)
-   -   SQL Smuggling (http://www.freeadvertisingzone.com/showthread.php?t=903906)

neo127 03-10-2011 07:58 AM
SQL Smuggling
 
Introduction:
This paper will present a new class of attack, called SQL Smuggling. SQL Smuggling is a sub-class of SQL Injection attacks that rely on differences between contextual interpretation performed by the application platform and the database server.
While numerous instances of SQL Smuggling are commonly known, it has yet to be examined as a discrete class of attacks, with a common root cause. The root cause in fact has not yet been thoroughly investigated; this research is a result of a new smuggling technique, presented in this paper. It is fair to assume that further study of this commonality will likely lead to additional findings in this area.
SQL Smuggling attacks can effectively bypass standard protective mechanisms and succeed in injecting malicious SQL to the database, in spite of these protective mechanisms. This paper explores several situations wherein these protective mechanisms are not as effective as assumed, and thus may be bypassed by malicious attackers. This in effect allows an attacker to succeed in "smuggling" his SQL Injection attack through the applicative protections, and attack the database in spite of those protections

Download: PDF


All times are GMT. The time now is 08:23 AM.

Powered by vBulletin Version 3.6.4
Copyright ©2000 - 2025, Jelsoft Enterprises Ltd.
Free Advertising Forums | Free Advertising Message Boards | Post Free Ads Forum