Planet MySQL Planet MySQL: Meta Deutsch Español Français Italiano 日本語 Русский Português 中文
Showing entries 1 to 10 of 18 8 Older Entries

Displaying posts with tag: sql injection (reset)

Prevent SQL Injection in PHP
+0 Vote Up -0Vote Down

Two easy ways to prevent SQL Injection in PHP

To many people still execute sql queries using methods which does not prevent SQL Injection, and many tutorials out there give bad example of doing so.

SQL Injection? What? -> SQL Injection explained

There are two easy aproachs to prevent SQL Injection:

  • Using PDO:
    stmt = $pdo->prepare('SELECT * FROM employees WHERE name = :name'); 
    $stmt->execute(array(':name' => $name)); 
    foreach ($stmt as $row) {     
        // do something with $row 
  • Using mysqli:
    $stmt = $dbConnection->prepare('SELECT

  •   [Read more...]
    Transparent encryption does not make your database secure
    +5 Vote Up -0Vote Down
    Transparently encrypted storage of *any* kind (storage engine based data encryption, truecrypt volume encryption, bitkeeper, etc) is *just as insecure* to most types of attack as non-encrypted data.  SQL injection or security escalation vulnerabilities, operating system vulnerabilities and cross site scripting attacks could give attackers access to the database data.  It doesn't matter if you encrypt the database's physical storage in the database itself (in the storage engine layer) or on disk (at the filesystem level) since either way the data is presented unencrypted through the SQL interface. 

    Transparent encryption is great for protecting your laptop data from theft by stealing your laptop.  It is very unlikely someone will attack your server by stealing it.

    It doesn't protect you from a malicious SQL injection which drops all your tables or reads

      [Read more...]
    SQL Injections, Again…
    +0 Vote Up -0Vote Down
    Last Friday the Dutch TV program Zembla aired part two of the "verzuimpolitie" series. The first part was mainly about how employers could access medical information about employees. There is a news article about the second part here (with google translate).

      [Read more...]
    Join our live webinar and learn how to protect your most sensitive information – It’s time to take action!
    +0 Vote Up -0Vote Down

    In the past few years, hackers, hacktivists and criminals have targeted millions of databases. Any information you own is at risk.

    Join GreenSQL’s live webinar and learn the actions required in order to protect your invaluable information and that of your customers.

    Security expert David Maman, Founder and CTO of GreenSQL, the Unified Database Security Company, will cover the following topics:

    -         Advanced database hacking methods

    -         Common database security threats

    -         How to protect databases from SQL injection attacks

    -         Separation of

      [Read more...]
    New Frontiers in Information Security – Insights from my lecture at WizeNight
    +0 Vote Up -0Vote Down

    Last Wednesday evening, I gave a talk at the WizeNight gathering in Tel Aviv, Israel. Wize is a new nonprofit organization that organizes WizeNights, free lectures for people who want to learn interesting and important things, over a beer. This time, the event took place at the Bialik Bar.

    My talk covered topics such as the hype about recent computer security attacks, the lack of social networking security for our virtual presence, database information security, credit card readers and zero-day attacks.

    Here are 5 facts I shared with the crowd that most didn’t know:

    1. Identity theft is a bigger crime than drugs in the U.S.
    2. Social networking is highly unsecured.
    3. Many of the largest companies worldwide have been exposed to SQL injection attacks.

      [Read more...]
    New exploit to Oracle CVE-2007-4517 vulnerability
    +0 Vote Up -0Vote Down


    As part of GreenSQL’s Database security research,  we’ve been validating and extending coverage of known and unknown vulnerabilities in order to increase GreenSQL product security, at this post we will reveal a full working Prove of Concept for the CVE-2007-4517 vulnerability which executes arbitrary code.

    The Exploit: PL/SQL/2007-4517 exploit is a PL/SQL procedure that exploits the CVE-2007-4517 vulnerability, also known as Oracle Database XDB.XDB_PITRIG_PKG.PITRIG_DROPMETADATA Procedure Multiple Argument Remote Overflow.

    The vulnerability is caused due to a boundary error in the XDB.XDB_PITRIG_PKG.PITRIG_DROPMETADATA procedure when processing the OWNER and NAME arguments to create an SQL query.

    This can be exploited to cause a buffer overflow by passing overly long OWNER and NAME arguments to the affected

      [Read more...]
    Lateral SQL Injection in Oracle Database
    +0 Vote Up -0Vote Down
    Lateral SQL Injection in Oracle Database



    In order to get the system date in Oracle, you able to query for sysdate field in table dual.
    SQL> select sysdate from dual;

    SYSDATE format is set in: nls_date_format.

    Following the publication: Lateral SQL Injection: A New Class of Vulnerability in Oracle, ( published by David Litchfield, FEB/2008.

    This post provides an overview and a demonstration on how this issue is still easily exploitable in Oracle Database.



    Nls_date_format allows input of any string without filtering.
    Example:  alter session set nls_date_format = ‘”the time is:”…

      [Read more...]
    Shortest SQL Injection Attack
    +0 Vote Up -0Vote Down


    Shortest SQL Injection Attack syntax


    In many cases, the user’s input is limited to a specific length.
    Although the user’s input length is limited, many times the server is vulnerable to SQL Injection attack’s.
    In this post, we’ll discuss two scenarios and how SQL injections attacks are being exploited using shortest SQL injection attack syntax.

    Get Database Name through 2-fields attack
    In this scenario, the attacker attacks a web application which receives First-Name and Last-Name, and outputs its matched e-mail address. (see appendix A)

    The original SQL query sent to the database is:

    select EmailAddress from Person.Contact where FirstName = ‘@fn’ and LastName = ‘@ln’; –where @fn and @ln are the user’s

      [Read more...]
    Time-Based Blind SQL Injection
    +0 Vote Up -0Vote Down
    Time-Based Blind SQL Injection

    Blind SQL Injection is an attack which the attacker gets an indication for the query execution success. The attacker doesn’t get the query results.
    Most of the time, the indication bases on server errors or customized application errors.

    Time-Based Blind SQL Injection
    Sometimes the attacker might not be able to identify the query execution success, because the server/application doesn’t show any error.
    One of the techniques to get an indication for the query execution success called Time-Based Blind SQL Injection.
    With this technique, the attacker executes functions that take some time to finish (for example: Benchmark, Delay, etc.). By measuring the time took the application to response, the attacker might be able to identify if the query

      [Read more...]
    GreenSQL May Webinars invitation
    +0 Vote Up -0Vote Down

    GreenSQL invites you to participate in our May Webinars
    MAY 18- Securing Databases in Minutes with GreenSQL Express
    MAY 24 – Unified Database Security, the Next Generation of Database Security
    Press here to sign

    Showing entries 1 to 10 of 18 8 Older Entries

    Planet MySQL © 1995, 2014, Oracle Corporation and/or its affiliates   Legal Policies | Your Privacy Rights | Terms of Use

    Content reproduced on this site is the property of the respective copyright holders. It is not reviewed in advance by Oracle and does not necessarily represent the opinion of Oracle or any other party.