This paper will present a new class of attack, called SQL Smuggling. SQL Smuggling is a sub-class of SQL Injection attacks that rely on differences between contextual interpretation performed by the application platform and the database server. While numerous instances of SQL Smuggling are commonly known, it has yet to be examined as a discrete class of attacks, with a common root cause. The root cause in fact has not yet been thoroughly investigated; this research is a result of a new smuggling technique, presented in this paper. It is fair to assume that further study of this commonality will likely lead to additional findings in this area.
46f3d645ad84a08e0fd5e13e5b32e7c9a124a0b37fd8e35f1fe56d83038a5ddfA tutorial written for newbies who wants to explore the m4d l33t world of SQL injection and have yet to even learn basic SQL commands.
c0a7f60cb48c9552397f1e532902b4520e369df3e949149b7d57db9e5e391b32Whitepaper discussing techniques for MySQL related SQL injection. Written in Spanish.
ee7e900283cc996a8c28c40c5884ac9c44ab2146723cc1d4733f97b3eed84f6dWhitepaper discussing blind SQL injection discovery and exploitation techniques. It describes how to deal with blind SQL injection on ASP/ASP.NET applications running with access to XP_CMDSHELL.
38f99722128efd5e6ad90e4e47213ad4e80f38e80cd65725de7307d4dc245cf1DoS Attacks Using SQL Wildcards - This paper discusses abusing Microsoft SQL Query wildcards to consume CPU in database servers.
966761136e5dd0fc10bac9d6b273966d20386567a7bdca93ac2c13e0d89fc0e9Blind MySQL Injection - Techniques for injection without any information regarding MySQL. Written in Spanish.
8d89853d9dcac5bc068947c4c9f8c470ec5a392d5d24061e64d5913b14a15aafLateral SQL Injection: A New Class of Vulnerability in Oracle.
0db673b33010a9aa5626bc5198e1ef07be87e36a1d9a04d25e9c098c2c211bbeWhitepaper called Error Based SQL Injection - A True Story.
8c587c42923564ab931ded4c61b6f6a56d5e1b9a7fc0f1f3884c7f21aa408442Slides from the presentation Oracle Database Vault: Design Failures.
aa413dac2420e9793150ea25140ef356d8f3b5c166c5a82b88e5082a51840006Whitepaper: Oracle Forensics Part 6 - Examining Undo Segments, Flashback and the Oracle Recycle Bin.
76e1d7ed99164fa689c01f4960b40e5de09c7ff60fa91c3fe4fcaabf1c4422f2Whitepaper: Oracle Forensics Part 5 - Finding Evidence of Data Theft in the Absence of Auditing.
05f964f5538507637f62883278dca0fbb358534be66e7a889e548211d48bc52cWhitepaper discussing security implications with PostgreSQL when improperly configured.
394fde0a55e01e4ceacd902f672a2e8f17f90c73974cfcf7a60f272b62d35440Whitepaper: Oracle Forensics Part 4 - What an incident responder should do during a Live Response on a compromised Oracle server.
83f0aeb9dd27cf69a8be8e6c4848a9202b04c6d3075694610204fed13acc7d0bDatabase Security Brief: The Oracle Critical Patch Update for April 2007.
a465cc3fe3cd6f9d61436789abaa6d3353a89cf58084fac1c54a1b580479ea9aWhitepaper: Oracle Forensics Part 3 - Isolating Evidence of Attacks Against the Authentication Mechanism.
81e72d8d4ad573a25cd1dc2081223589365436cda2fb6120efd95ace839bbc35Whitepaper: Oracle Forensics Part 2 - Locating Dropped Objects.
4ae3a18f31870f0d43997f9547068790fed32a9e928f6fd5fdfada63b49fbb91Whitepaper: Oracle Forensics Part 1 - Dissecting the Redo Logs.
b03a861dde27c162bf5629855f2f67c101139bb2deae2410b0349885f1615935Whitepaper entitled "Cursor Injection - A New Method for Exploiting PL/SQL Injection and Potential Defences".
5e052565e3661c687c0142cb2a857a3b5d8400a27ec65832792185de33fbad3dDefeating Virtual Private Databases, a chapter from the Oracle Hacker's Handbook.
7cf148e1ab70f4357ff232e00ce6a5f24bef89a12e5de8bc87246be02511702fIndirect Privilege Escalation, a chapter from the Oracle Hacker's Handbook.
7f8124fe32864ca4771a493debdf86f128eba3b844b6479d4bfc1da1fee9ff8aNew Oracle Security Paper - How to secure Oracle passwords from rainbow tables and new password cracking patches. Also includes a free audit tool called OraBrute to brute force SYS AS SYSDBA in order to check that it has been secured. Unfortunately by default it is not but can be secured by following this papers recommendations.
d01676e8a88e2d6cb26473a80fe847d360a18ce0fbd1a995aafac93055168522Whitepaper detailing a potential PL/SQL programming error related to cursors that leads to a new class of vulnerability in Oracle.
8c5057fe16f9b2f304f5725b4b6a9f9f6342e138793b7fb488b2611b317c234aWhitepaper entitled "Which is more secure? Oracle vs. Microsoft". This article looks at the number of security flaws in Oracle and Microsoft database offerings.
76b1dff89265c886e4fb95a2da210b637f0ae4d28b78e4ee37976c44012de162Informix: Discovery, Attack, and Defense.
30d3c198f1a5407dc57ce22ec3acc687151a9106b822a114825a198deff50d61"Snagging Security Tokens to Elevate Privileges" is a brief that details how a database server running as a low privileged user on Windows can still provide an attacker with the ability to gain elevated privileges on the network and suggests a change in security policy to mitigate the risk. As a side note, this affects all network servers that offer OS based authentication - not just database servers.
ddf0367b0ae123b501921160d18f52c089a3c85c8d21251937bf98c7eee6c567
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed