Guia Inyeccion SQL by @LightOS

1 comment
Imagen  de : http://xora.org

La recopilacion de documentos realizada por Roberto Salgado @LightOS mas que una recopilación es una Guia en la cual nos va sumergiendo en este área.  Los invito a que vean mas de ello y aprendan SQL INJECTION

Su contenido es el siguiente:

MySQL


Default Databases
Testing Injection
Comment Out Query
Testing Version
Database Credentials
Database Names
Server Hostname
Tables and Columns
Avoiding quotations
String concatenation
Conditional Statements
Timing
Privileges
Reading Files
Writing Files
Out of band channeling
Stacked Queries with PDO
MySQL-specific code
Fuzzing and Obfuscation
Operators
Constants
Password Hashing
Password Cracker

MSSQL


Default Databases
Comment Out Query
Testing Version
Database Credentials
Database Names
Server Hostname
Tables and Columns
Avoiding quotations
String concatenation
Conditional Statements
Timing
OPENROWSET Attacks
System Command Execution
SP_PASSWORD (Hiding Query)
Stacked Queries
Fuzzing and Obfuscation
Password Hashing
Password Cracker

ORACLE


Default Databases
Comment Out Query
Testing Version
Database Credentials
Database Names
Server Hostname
Tables and Columns
Avoiding Quotations
String concatenation
Conditional Statements
Timing
Privileges
Out Of Band Channeling


Fuente : Underc0de

1 comentario