begood Posted April 11, 2010 Report Posted April 11, 2010 SFX-SQLi (Select For XML SQL injection) is a new SQL injection technique which allows to extract the whole information of a Microsoft SQL Server 2005/2008 database in an extremely fast and efficient way.This technique is based on the FOR XML clause, which is able to convert the content of a table into a single string, so its contents could be appended to some field injecting a subquery into a vulnerable input of a web application.SFX-SQLi (Select For XML SQL injection)
tjt Posted April 11, 2010 Report Posted April 11, 2010 A mai fost postat....SFX-SQLi (Select For XML SQL injection) - RST
paxnWo Posted April 11, 2010 Report Posted April 11, 2010 Mai esti si moderator .. )care e problema ta ?
