Wednesday, September 2, 2009

Another SQL Injection Variant

Here is another variation on carrying out a successful SQL injection attack: Truncation-Based SQL Injection, described by Varun Sharma of the Microsoft ACE team.

http://msdn.microsoft.com/hi-in/security/ee216344%28en-us%29.aspx

It is not a new vulnerability, nor something that defies existing security best practices against SQL injection (use SQL parameters, input validation, and the least-privilege principle); it just highlights another way to break weak code.

4 comments:

  1. Nice blog post. Good information about reading SQL injection. Learning SQL is really important.
  2. Nice article great post comment information thanks for sharing
