Slashdot Mirror


Anatomy of a SQL Injection Attack

Trailrunner7 writes "SQL injection has become perhaps the most widely used technique for compromising Web applications, thanks to both its relative simplicity and high success rate. It's not often that outsiders get a look at the way these attacks work, but a well-known researcher is providing just that. Rafal Los showed a skeptical group of executives just how quickly he could compromise one of their sites using SQL injection, and in the process found that the site had already been hacked and was serving the Zeus Trojan to visitors." Los's original blog post has more and better illustrations, too.

4 of 267 comments

  1. A cautionary tale' OR 1=1 by kyz · Score: 4, Funny

    ...for these modern times.

    --
    Does my bum look big in this?
  2. Obligatory xkcd by tangent3 · Score: 4, Funny
    1. Re:Obligatory xkcd by Inda · Score: 4, Funny

      Oh, oh, oh, please let it be Bobby DropTables, please, please.

      --
      This post contains benzene, nitrosamines, formaldehyde and hydrogen cyanide.
  3. Slash Dot Virus Sequel Injected in You by h00manist · Score: 4, Funny

    You can't stop reading slashdot. Full of nonsensical arguments, but you read on, your brain oozes, your eyes are red, dry and hurt. Still, you read on, and participate in the debate. You don't recognize your odd behavior. There's a sequel reply injected into your brain. It's a slash dot sequel brain virus injection. There's no cleaning utility, you will need to reformat your brain.

    --
    Build your own energy sources from scratch. http://otherpower.com/