SQL injection Patterns
|
View:
New views
4 Messages
—
Rating Filter:
Alert me
|
 |
SQL injection Patterns
by nitish_mathur
::
Rate this Message:
I am studying SQL injection attacks. Generelly what patters in the incoming stream presents the occurence of SQL injection attacks. Thanks in advance. Nitish ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw to learn more. ------------------------------------------------------------------------ |
|
|
Re: SQL injection Patterns
by Ravi Chunduru
::
Rate this Message:
there may be many sources. I got lot of understanding of SQL/XSS/LFI
and RFI attacks by going through signatures provided by emergingthreats and IntruPro-IPS signatures. These signature look for SQL/scripts using patterns. Also SQL injection cheat sheet is one useful resource. http://www.emergingthreats.net/rules/emerging-web_sql_injection.rules http://wiki.intoto.com/intoto_wiki/tiki-index.php?page=IntruPro-IPS : you can see signatures only after downloading and installing their management application. Ravi On Sat, Jun 28, 2008 at 8:34 AM, <nitish_mathur@...> wrote: > > I am studying SQL injection attacks. Generelly what patters in the incoming stream presents the occurence of SQL injection attacks. > > > Thanks in advance. > > > Nitish > > ------------------------------------------------------------------------ > Test Your IDS > > Is your IDS deployed correctly? > Find out quickly and easily by testing it > with real-world attacks from CORE IMPACT. > Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw > to learn more. > ------------------------------------------------------------------------ > > ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw to learn more. ------------------------------------------------------------------------ |
|
|
Re: SQL injection Patterns
by Mohammed GAD EL RAB
::
Rate this Message:
Hi Nitish,
You can check MITRE's CAPEC (Common Attack Pattern Enumeration & Classification): Injection =>SQL Injection. Although abstracted, it gives a very useful information about SQL injection patterns. Good Luck, Mohammed GAD On Sat, Jun 28, 2008 at 5:34 PM, <nitish_mathur@...> wrote: > > I am studying SQL injection attacks. Generelly what patters in the incoming stream presents the occurence of SQL injection attacks. > > > Thanks in advance. > > > Nitish > > ------------------------------------------------------------------------ > Test Your IDS > > Is your IDS deployed correctly? > Find out quickly and easily by testing it > with real-world attacks from CORE IMPACT. > Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw > to learn more. > ------------------------------------------------------------------------ > > ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw to learn more. ------------------------------------------------------------------------ |
|
|
Re: SQL injection Patterns
by Rick Zhong
::
Rate this Message:
hi,
You can refer to the SQLinjection portion of the ModSecurity's core rules. It is a very good reference and can be a good starting point - http://www.modsecurity.org/projects/rules/index.html regards, Rick On Sat, Jun 28, 2008 at 11:34 PM, <nitish_mathur@...> wrote: > > I am studying SQL injection attacks. Generelly what patters in the incoming stream presents the occurence of SQL injection attacks. > > > Thanks in advance. > > > Nitish > > ------------------------------------------------------------------------ > Test Your IDS > > Is your IDS deployed correctly? > Find out quickly and easily by testing it > with real-world attacks from CORE IMPACT. > Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw > to learn more. > ------------------------------------------------------------------------ > > -- Information (In)Security @ Where It Matters - http://blog.rickzhong.com ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw to learn more. ------------------------------------------------------------------------ |
| Free Forum Powered by Nabble | Forum Help |