While looking for examples of SQL Code Injection attacks, I found
a nice concise summary of many typical web application vulnerabilities, including product-specific things to look for, e.g.:
MySQL
– Supports ‘INTO OUTFILE’
– Runs often as “root”
– Most modules and libs do not support multiple-statements.
Oracle
– Subselects possible
– UNION possible
– Comes with many stored procedures (utl_file!)
– No multiple-statements
DB2
– Subselects possible
– UNION possible
– Stored procedures
– No multiple-statements
Postgres
– Supports COPY (if superusermode)
– Subselects possible
– UNION possible
– Stored procedures
– Multiple statements are possible!
MS SQL
– Subselects possible
– UNION possible
– Stored procedures
– Multiple statements are possible!
– Many dangerous default stored procedures (xp_cmdshell, sp_adduser)