THE CENZIC BLOG
Subscribe to the "SQL Injection Video" web feed.Subscription options
Read more articles in  Web Application Security Insights
.
June 02, 2009

SQL Injection Video

Watch one of the best 3 minute videos on a SQL Injection attack

SQL Injection VideoAfter hearing 2 stories today    (US Army Websites Hacked and Hackers Hit 40,000 Websites) about the plethora of Websites being hit with SQL Injection attacks, I thought this video was very appropriate. 

In a mere 3 minutes, you’ll see a great example of how this attack works.  The hacker first attempts to log into a University Website using a userid and password to illicit an error message.  Once the error message is displayed, he goes into the source code to make changes to the settings, allowing allow him to access the site off-line using his credentials.  The hacker now has full access to the entire database of students – grades, social security numbers, and dates of birth

And here's some information on testing for a SQL Injection vulnerability from About.com. 
 
by
Erin Swanson
Eswanson@cenzic.com

.
PermalinkHackers hit U.S. Army websites
.SQL Injections used to hack into US Army Websites
.http://www.scmagazineus.com/Hackers-hit-US-Army-websites/article/137814/
.
PermalinkHackers Hit 40,000 Websites with Mass Compromise
.SQL Injections used on over 40,000 Websites to cause mass compromise
.http://www.eweek.com/c/a/Security/Hackers-Hit-40000-Web-Sites-With-Mass-Compromise-224833/
.
PermalinkVideo SQL Injection
.Watch one of the best 3 minute videos on an SQL Injection attack
.http://www.youtube.com/watch?v=MJNJjh4jORY
.
PermalinkTesting For SQL Injection Vulnerabilities
.About.com and their description of a SQL Injection Attack
.http://databases.about.com/od/security/a/sql_inject_test.htm
Topic Tags:  
by Erin Swanson | ↑top | link to this#
Syndication OptionsRSS (Rich Site Summary) Feed Atom Feed OPML (Outline Processor Language) Feed MYST-ML (MyST Markup Language) Content Feed MS-Office Smart Tag Subscription