Regarding SQL

Post by aClockworkScrivener on Sun Jun 17, 2012 7:12 pm

I have a few questions regarding SQL Injection. I'm testing my own web server for this threat, and I would like to know a few things.

Is there such a thing as foolproof?

What types of character sanitation exist?

Are there ways around them?

Info links?

Another unrelated question. Is there such a thing as unhackable, no way in, forget about it? Just a general question, I'm not another retarded asking "how to 'h4xor' facebook".

best,
-clockwork


Re: Regarding SQL

Post by shaqywacky on Sun Jun 17, 2012 8:56 pm

Is there such a thing as unhackable, no way in, forget about it?

Yes. If a computer is a) turned off, b) disconnected from the network (assuming remote attack), c) has absolutely no services running.

Realistically, any server that has real services is going to be hackable. This is really more of a philosophy question though.

I would be of little help with your other questions, so I'll let someone more knowledgeable help you.


Re: Regarding SQL

Post by anarchy420x on Mon Jun 18, 2012 2:38 am

I disagree with shaqywacky; there is no such thing as fool proof. He is right though; it really turns into a philosophy question. The thing is that there is always some way around security due to the fact that humans are naturally flawed. We don't see all the security holes until after they are discovered. Stupidly, what I mean to say is that we can't prevent people from bypassing security holes, just react to it.

As far as SQL injection goes, I can't tell you. I learned a little about it when I was working on the missions, but I haven't dug into it yet.
A broken clock is right twice a day, however, I am neither up that early nor up that late...


Re: Regarding SQL

Post by edone automaton on Mon Jun 18, 2012 3:22 am

Try this set of tutorials. There is a download to work through, and it starts off nice and easy; you can do each lesson and then read up a bit more if you think it necessary. You may have to sign up for that site, but that is worth doing anyway.
A wise man can learn more from a foolish question than a fool can learn from a wise answer.
-Bruce Lee


