Date: Wed, 05 Jan 2005 15:56:28 -0500
From: Cory Foy <Cory.Foy@...ilehwy.com>
To: bugtraq@...urityfocus.com
Subject: Re: Paper: SQL Injection Attacks by Example


Scovetta, Michael V wrote:
> At least in MSSQL, you'd have to do something bad like use sp_executesql
> or some other function that will re-form a complete sql query and pass
> that to the interpreter. As long as you do more sensible stuff like:
> 
> 	insert into table (name, age) values (@b, @a)
> 
> you should be fine.

Except that I've seen webbie-type people who will execute a stored proc 
by doing:

strSQL = "exec userLogin " + userName + " " + userPassword

which would still be subject to a SQL Injection attack if I simply 
had a semicolon in the userPassword and then was able to pass any other 
query to it.

Cory
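The two call styles contrasted in this thread, as an added example that is not part of the original post: the concatenated "exec userLogin ..." string beside its parameterized equivalent. SQLite stands in for the database and, since it has no stored procedures, a registered SQL function named userLogin plays the procedure (both assumptions); the credential and audit data are constructed for the demo.

```python
import sqlite3

# Constructed sample credential store; a real procedure would consult a table.
USERS = {"alice": "wonderland"}


def build_db():
    """Fresh in-memory database with an audit table and a stand-in userLogin()."""
    conn = sqlite3.connect(":memory:")
    conn.executescript("CREATE TABLE audit(note TEXT);")
    # SQLite has no stored procedures: this function plays the role of userLogin.
    conn.create_function("userLogin", 2, lambda n, p: int(USERS.get(n) == p))
    return conn


def login_concat(conn, user_name, user_password):
    """Vulnerable: the call is assembled by concatenation, as in the message above,
    and handed to an executor that accepts a whole batch of statements."""
    sql = "SELECT userLogin('" + user_name + "', '" + user_password + "')"
    conn.executescript(sql)  # a ';' in either input starts a second statement


def login_param(conn, user_name, user_password):
    """Safe: placeholders bind the inputs as values, so they can never become SQL."""
    row = conn.execute("SELECT userLogin(?, ?)", (user_name, user_password)).fetchone()
    return row[0] == 1


def audit_rows(conn):
    return conn.execute("SELECT count(*) FROM audit").fetchone()[0]


def demo():
    """Run both styles against the same injected password; return what each did."""
    # Constructed payload: closes the argument list, then smuggles a second statement.
    payload = "x'); INSERT INTO audit VALUES ('injected'); --"

    db = build_db()
    login_concat(db, "alice", payload)
    injected_via_concat = audit_rows(db)   # 1: the smuggled INSERT ran

    db = build_db()
    ok = login_param(db, "alice", payload)  # False: payload is just a wrong password
    injected_via_param = audit_rows(db)     # 0: nothing but the lookup executed
    return injected_via_concat, ok, injected_via_param


if __name__ == "__main__":
    print(demo())
```

The driver sending the batch, not the stored procedure itself, is what makes the semicolon dangerous; binding the arguments removes that path regardless of how the procedure is written.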


