Homeblog

New MySQL Patterns

Posted September 23rd, 2007 by yuli

During this weekend I found an excellent article on Internet. It explains in details how one can perform blind SQL injection against MySQL. For interested parties you can find it here:

While reading it I found a number of SQL operations that skillful hacker can use it order to exploit SQL injection vulnerability. He can use the following commands:

  • current_user(), system_user(), session_user()
  • version()
  • database()
  • into outfile
  • load file
Bookmark/Search this post with:
  • Delicious
  • Digg
  • StumbleUpon
  • Propeller
  • Reddit
  • Magnoliacom
  • Newsvine
  • Furl
  • Facebook
  • Google
  • Yahoo
No votes yet

Back to top