Description: This presentation titled "SQL injection: Not only AND 1=1" was given by Bernardo Damele Assumpcao Guimaraes at SnowFROC 2009.
The presentation opens with a quick preamble on the definition of SQL injection, and on sqlmap and its key features.
Damele then illustrates in detail, with examples, the common and uncommon problems, and their respective solutions, that a penetration tester or a SQL injection tool developer faces when taking advantage of any kind of SQL injection flaw in real-world web applications: for instance, SQL injection in ORDER BY and LIMIT clauses, single-entry UNION query SQL injection, speed enhancements to the blind SQL injection algorithm, IDS bypasses specific to particular web application technologies, and more.
Tags: basics