For those wanting the slides for “Testing the Security of Your Site”, they’re at:
http://www.sheeri.com/presentations/MySQLSecurity2007_04_24.pdf — 108 K PDF file
http://www.sheeri.com/presentations/MySQLSecurity2007_04_24.swf — 56 K Flash file
and some code:
For the UserAuth table I use in the example to test SQL injection
(see slides):
CREATE TABLE UserAuth (userId INT UNSIGNED AUTO_INCREMENT NOT
NULL PRIMARY KEY, uname VARCHAR(20) NOT NULL DEFAULT '' UNIQUE
KEY, pass VARCHAR(32) NOT NULL DEFAULT '') …