[nycphp-talk] php in securityfocus 218
jon baer
jonbaer at jonbaer.net
Tue Oct 14 11:29:02 EDT 2003
> In an attempt, um, to redeem this message, what *is* an SQL Injection
> Vulnerability? Is the religious use of addslashes() on any request
i once read a paper that covered crazy recon hacking techniques and the one
that involved SQL injection was pretty interesting, I think if I remember it
was more pertaining to Perl but could be applied in anything. Basically it
was case scenerio where the hacker was actually looking for the exact box
the admin material was being hosted on (the SQL Server/MySQL) and he
discovered that if he placed \<img\> tags inside of an entry that he could
trace back the IP request when the admin viewed results. (he already had a
working password) ... from what I know, this is already common in spammers
determining "good" hosts when they embed tagged images.
- jon
More information about the talk
mailing list