Questions about this topic? Sign up to ask in the talk tab.

SQL injection/Target Environments/Compatibility/Capabilities

From NetSec
Revision as of 01:39, 19 July 2012 by LashawnSeccombe (Talk | contribs) (Created page with "Different SQL databasing engines have different capabilities. As a result, there are advantages and disadvantages passed to an attacker for each limita...")

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Different SQL databasing engines have different capabilities. As a result, there are advantages and disadvantages passed to an attacker for each limitation or unique piece of functionality that a SQL server may have to offer.

  • MSSQL Has the ability to execute server side commands natively via xp_cmdshell. This feature can be enabled or disabled (remotely), and other functions exist to read/write to the windows registry.
  • MySQL has the ability to read and write to files using the LOAD DATA and SELECT ... INTO OUTFILE ... statements as well as the load_file() function.
  • PostgreSQL is the only databasing engine which supports trigger functions or other user-defined functionality added to a table in most procedural scripting languages (Perl,Python,Ruby). Because it supports stacked queries when combined with PHP, it is possible to use SQL injection to install an SQL backdoor or plugin.