SQL Injection Cookbook template

From OWASP
Revision as of 13:55, 13 January 2007 by Davidribyrne@yahoo.com (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Test

Meta-data

List of table names

List of columns for a specific table

Information about the indexes of a specific table


List of stored procedures

Parameters for stored procedures

Source code of stored procedures


List of database users

Database user permissions

Database server settings



How to perform:

Data type casting

String-based queries with no quote characters

SQL tautology attacks