Questions about this topic? Sign up to ask in the talk tab.

Difference between revisions of "SQL injection/Target Environments/Compatibility/Capabilities"

From NetSec
Jump to: navigation, search
(Created page with "Different SQL databasing engines have different capabilities. As a result, there are advantages and disadvantages passed to an attacker for each limita...")
 
 
Line 1: Line 1:
 +
<noinclude>:<font size="-2">[[SQL injection]] > [[SQL injection/Target Environments|Target Environments]] > [[SQL injection/Target Environments/Compatibility|Compatibility]] > Capabilities</font></noinclude>
 +
 
Different [[SQL]] [[databasing engine|databasing engines]] have different capabilities.  As a result, there are advantages and disadvantages passed to an attacker for each limitation or unique piece of functionality that a SQL server may have to offer.
 
Different [[SQL]] [[databasing engine|databasing engines]] have different capabilities.  As a result, there are advantages and disadvantages passed to an attacker for each limitation or unique piece of functionality that a SQL server may have to offer.
  

Latest revision as of 02:23, 19 July 2012

SQL injection > Target Environments > Compatibility > Capabilities

Different SQL databasing engines have different capabilities. As a result, there are advantages and disadvantages passed to an attacker for each limitation or unique piece of functionality that a SQL server may have to offer.

  • MSSQL Has the ability to execute server side commands natively via xp_cmdshell. This feature can be enabled or disabled (remotely), and other functions exist to read/write to the windows registry.
  • MySQL has the ability to read and write to files using the LOAD DATA and SELECT ... INTO OUTFILE ... statements as well as the load_file() function.
  • PostgreSQL is the only databasing engine which supports trigger functions or other user-defined functionality added to a table in most procedural scripting languages (Perl,Python,Ruby). Because it supports stacked queries when combined with PHP, it is possible to use SQL injection to install an SQL backdoor or plugin.