I ran across this great YouTube video that shows exactly how to perform an SQL injection attack:
https://www.youtube.com/watch?v=ciNHn38EyRc
I like the way the author steps through all of the gory details of the attack, including his assumptions, thought processes, etc. It's simply a great tutorial on how a hacker would go about formulating this type of attack. What it doesn't explicitly cover is the list of specific mitigation techniques that can be employed to stop this kind of attack, but you can find that information easily with Google:
https://www.google.com/search?&q=how+to+protect+against+code+injection
There you'll find tons of language-specific solutions to the problem.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment