io.kent

[E-Book] Bible of the SQL-Injection


Chapter 1 What Is SQL Injection?

1-Introduction

2-Understanding How Web Applications Work

3-A Simple Application Architecture

4-A More Complex Architecture

5-Understanding SQL Injection

6-High-Profile Examples

7-Understanding How It Happens

8-Dynamic String Building

9-Incorrectly Handled Escape Characters

10-Incorrectly Handled Types

11-Incorrectly Handled Query Assembly

12-Incorrectly Handled Errors

13-Incorrectly Handled Multiple Submissions

14-Insecure Database Configuration

15-Summary

16-Solutions Fast Track

17-Frequently Asked Questions

Chapter 2 Testing for SQL Injection

1-Introduction

2-Finding SQL Injection

3-Testing by Inference

4-Identifying Data Entry

5-GET Requests

6-POST Requests

7-Other Injectable Data

8-Manipulating Parameters

9-Information Workflow

10-Database Errors

11-Commonly Displayed SQL Errors

12-Microsoft SQL Server Errors

13-MySQL Errors

14-Oracle Errors

15-Generic Errors

16-HTTP Code Errors

17-Different Response Sizes

18-Blind Injection Detection

19-Confirming SQL Injection

20-Differentiating Numbers and Strings

21-Inline SQL Injection

22-Injecting Strings Inline

23-Injecting Numeric Values Inline

24-Terminating SQL Injection

25-Database Comment Syntax

26-Using Comments

27-Executing Multiple Statements

28-Time Delays

29-Automating SQL Injection Discovery

30-Tools for Automatically Finding SQL Injection

31-HP WebInspect

32-IBM Rational AppScan

33-HP Scrawlr

34-SQLiX

35-Paros Proxy

36-Summary

37-Solutions Fast Track

38-Frequently Asked Questions

Chapter 3 Reviewing Code for SQL Injection

1-Introduction

2-Reviewing Source Code for SQL Injection

3-Dangerous Coding Behaviors

4-Dangerous Functions

5-Following the Data

6-Following Data in PHP

7-Following Data in Java

8-Following Data in C#

9-Reviewing PL/SQL and T-SQL Code

10-Automated Source Code Review

11-Yet Another Source Code Analyzer

12-Pixy

13-AppCodeScan

14-LAPSE

15-Security Compass Web Application Analysis Tool (SWAAT)

16-Microsoft Source Code Analyzer for SQL Injection

17-Microsoft Code Analysis Tool .NET (CAT.NET)

18-Commercial Source Code Review Tools

19-Ounce

20-Source Code Analysis

21-CodeSecure

22-Summary

23-Solutions Fast Track

24-Frequently Asked Questions

Chapter 4 Exploiting SQL Injection

1-Introduction

2-Understanding Common Exploit Techniques

3-Using Stacked Queries

4-Identifying the Database

5-Non-Blind Fingerprint

6-Banner Grabbing

7-Blind Fingerprint

8-Extracting Data through UNION Statements

9-Matching Columns

10-Matching Data Types

11-Using Conditional Statements

12-Approach 1: Time-based

13-Approach 2: Error-based

14-Approach 3: Content-based

15-Working with Strings

16-Extending the Attack

17-Using Errors for SQL Injection

18-Error Messages in Oracle

19-Enumerating the Database Schema

20-SQL Server

21-MySQL

22-Oracle

23-Escalating Privileges

24-SQL Server

25-Privilege Escalation on Unpatched Servers

26-Oracle

27-Stealing the Password Hashes

28-SQL Server

29-MySQL

30-Oracle

31-Oracle Components

32-APEX

33-Oracle Internet Directory

34-Out-of-Band Communication

35-E-mail

36-Microsoft SQL Server

37-Oracle

38-HTTP/DNS

39-File System

40-SQL Server

41-MySQL

42-Oracle

43-Automating SQL Injection Exploitation

44-Sqlmap

45-Sqlmap Example

46-Bobcat

47-BSQL

48-Other Tools

49-Summary

50-Solutions Fast Track

51-Frequently Asked Questions

Chapter 5 Blind SQL Injection Exploitation

1-Introduction

2-Finding and Confirming Blind SQL Injection

3-Forcing Generic Errors

4-Injecting Queries with Side Effects

5-Splitting and Balancing

6-Common Blind SQL Injection Scenarios

7-Blind SQL Injection Techniques

8-Inference Techniques

9-Increasing the Complexity of Inference Techniques

10-Alternative Channel Techniques

11-Using Time-Based Techniques

12-Delaying Database Queries

13-MySQL Delays

14-Generic MySQL Bit-by-Bit Inference Exploits

15-SQL Server Delays

16-Generic SQL Server Binary Search Inference Exploits

17-Generic SQL Server Bit-by-Bit Inference Exploits

18-Oracle Delays

19-Time-Based Inference Considerations

20-Using Response-Based Techniques

21-MySQL Response Techniques

22-SQL Server Response Techniques

23-Oracle Response Techniques

24-Returning More Than One Bit of Information

25-Using Alternative Channels

26-Database Connections

27-DNS Exfiltration

28-E-mail Exfiltration

29-HTTP Exfiltration

30-Automating Blind SQL Injection Exploitation

31-Absinthe

32-BSQL Hacker

33-SQLBrute

34-Sqlninja

35-Squeeza

36-Summary

37-Solutions Fast Track

38-Frequently Asked Questions

Chapter 6 Exploiting the Operating System

1-Introduction

2-Accessing the File System

3-Reading Files

4-MySQL

5-Microsoft SQL Server

6-Oracle

7-Writing Files

8-MySQL

9-Microsoft SQL Server

10-Oracle

11-Executing Operating System Commands

12-Direct Execution

13-Oracle

14-DBMS_SCHEDULER

15-PL/SQL Native

16-Other Possibilities

17-Alter System Set Events

18-PL/SQL Native 9i

19-Buffer Overflows

20-Custom Application Code

21-MySQL

22-Microsoft SQL Server

23-Consolidating Access

24-Summary

25-Solutions Fast Track

26-Frequently Asked Questions

27-Endnotes

Chapter 7 Advanced Topics

1-Introduction

2-Evading Input Filters

3-Using Case Variation

4-Using SQL Comments

5-Using URL Encoding

6-Using Dynamic Query Execution

7-Using Null Bytes

8-Nesting Stripped Expressions

9-Exploiting Truncation

10-Bypassing Custom Filters

11-Using Non-Standard Entry Points

12-Exploiting Second-Order SQL Injection

13-Finding Second-Order Vulnerabilities

14-Using Hybrid Attacks

15-Leveraging Captured Data

16-Creating Cross-Site Scripting

17-Running Operating System Commands on Oracle

18-Exploiting Authenticated Vulnerabilities

19-Summary

20-Solutions Fast Track

21-Frequently Asked Questions

Chapter 8 Code-Level Defenses

1-Introduction

2-Using Parameterized Statements

3-Parameterized Statements in Java

4-Parameterized Statements in .NET (C#)

5-Parameterized Statements in PHP

6-Parameterized Statements in PL/SQL

7-Validating Input

8-Whitelisting

9-Blacklisting

10-Validating Input in Java

11-Validating Input in .NET

12-Validating Input in PHP

13-Encoding Output

14-Encoding to the Database

15-Encoding for Oracle

16-Oracle dbms_assert

17-Encoding for Microsoft SQL Server

18-Encoding for MySQL

19-Canonicalization

20-Canonicalization Approaches

21-Working with Unicode

22-Designing to Avoid the Dangers of SQL Injection

23-Using Stored Procedures

24-Using Abstraction Layers

25-Handling Sensitive Data

26-Avoiding Obvious Object Names

27-Setting Up Database Honeypots

Chapter 9 Reference

1-Introduction

2-Structured Query Language (SQL) Primer

3-SQL Queries

4-SELECT Statement

5-UNION Operator

6-INSERT Statement

7-UPDATE Statement

8-DELETE Statement

9-*censored* Statement

10-CREATE TABLE Statement

11-ALTER TABLE Statement

12-GROUP BY Statement

13-ORDER BY Clause

14-Limiting the Result Set

15-SQL Injection Quick Reference

16-Identifying the Database Platform

17-Identifying the Database Platform via Time Delay Inference

18-Identifying the Database Platform via SQL Dialect Inference

19-Combining Multiple Rows into a Single Row

20-Microsoft SQL Server Cheat Sheet

21-Blind SQL Injection Functions: Microsoft SQL Server

22-Microsoft SQL Server Privilege Escalation

23-OPENROWSET Reauthentication Attack

24-Attacking the Database Server: Microsoft SQL Server

25-System Command Execution via xp_cmdshell

26-xp_cmdshell Alternative

27-Cracking Database Passwords

28-Microsoft SQL Server 2005 Hashes

29-File Read/Write

30-MySQL Cheat Sheet

31-Enumerating Database Configuration Information and Schema

32-Blind SQL Injection Functions: MySQL

33-Attacking the Database Server: MySQL

34-System Command Execution

35-Cracking Database Passwords

36-Attacking the Database Directly

37-File Read/Write

38-Oracle Cheat Sheet

39-Enumerating Database Configuration Information and Schema

40-Blind SQL Injection Functions: Oracle

41-Attacking the Database Server: Oracle

42-Command Execution

43-Reading Local Files

44-Reading Local Files (PL/SQL Injection Only)

45-Writing Local Files (PL/SQL Injection Only)

46-Cracking Database Passwords

47-Bypassing Input Validation Filters

48-Quote Filters

49-HTTP Encoding

50-Troubleshooting SQL Injection Attacks

51-SQL Injection on Other Platforms

52-PostgreSQL Cheat Sheet

53-Enumerating Database Configuration Information and Schema

54-Blind SQL Injection Functions: PostgreSQL

55-Attacking the Database Server: PostgreSQL

56-System Command Execution

57-Local File Access

58-Cracking Database Passwords

59-DB2 Cheat Sheet

60-Enumerating Database Configuration Information and Schema

61-Blind SQL Injection Functions: DB2

62-Informix Cheat Sheet

63-Enumerating Database Configuration Information and Schema

64-Blind SQL Injection Functions: Informix

65-Ingres Cheat Sheet

66-Enumerating Database Configuration Information and Schema

67-Blind SQL Injection Functions: Ingres

68-Microsoft Access

69-Resources

70-SQL Injection White Papers

71-SQL Injection Cheat Sheets

72-SQL Injection Exploit Tools

73-Password Cracking Tools

74-Solutions Fast Track

Download: http://www.mediafire.com/file/77b6x7y4f1dn41x/[E-Book]_Bible_of_the_SQL-Injection.rar
