Advanced SQL injection in SQL server applications

  • Anley C
N/ACitations
Citations of this article
311Readers
Mendeley users who have this article in their library.

Abstract

This document discusses in detail the common 'SQL injection' technique, as it applies to the popular Microsoft Internet Information Server/Active Server Pages/SQL Server platform. It discusses the various ways in which SQL can be 'injected' into the application and addresses some of the data validation and database lockdown issues that are related to this class of attack. The paper is intended to be read by both developers of web applications which communicate with databases and by security professionals whose role includes auditing these web applications.

Cite

CITATION STYLE

APA

Anley, C. (2002). Advanced SQL injection in SQL server applications. NGSSoftware Insight Security Research (p. 25). Retrieved from http://alsouza.googlecode.com/svn/trunk/Monografia/subsidios/sqlinjection/Advanced SQL Injection.pdf%5Cnhttps://sparrow.ece.cmu.edu/group/731-s11/readings/anley-sql-inj.pdf

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free