Questions about this topic? Sign up to ask in the talk tab.
Difference between revisions of "SQL injection/Target Environments/Compatibility/Capabilities"
From NetSec
(Created page with "Different SQL databasing engines have different capabilities. As a result, there are advantages and disadvantages passed to an attacker for each limita...") |
|||
| Line 1: | Line 1: | ||
| + | <noinclude>:<font size="-2">[[SQL injection]] > [[SQL injection/Target Environments|Target Environments]] > [[SQL injection/Target Environments/Compatibility|Compatibility]] > Capabilities</font></noinclude> | ||
| + | |||
Different [[SQL]] [[databasing engine|databasing engines]] have different capabilities. As a result, there are advantages and disadvantages passed to an attacker for each limitation or unique piece of functionality that a SQL server may have to offer. | Different [[SQL]] [[databasing engine|databasing engines]] have different capabilities. As a result, there are advantages and disadvantages passed to an attacker for each limitation or unique piece of functionality that a SQL server may have to offer. | ||
Latest revision as of 03:23, 19 July 2012
- SQL injection > Target Environments > Compatibility > Capabilities
Different SQL databasing engines have different capabilities. As a result, there are advantages and disadvantages passed to an attacker for each limitation or unique piece of functionality that a SQL server may have to offer.
- MSSQL Has the ability to execute server side commands natively via xp_cmdshell. This feature can be enabled or disabled (remotely), and other functions exist to read/write to the windows registry.
- MySQL has the ability to read and write to files using the LOAD DATA and SELECT ... INTO OUTFILE ... statements as well as the load_file() function.
- PostgreSQL is the only databasing engine which supports trigger functions or other user-defined functionality added to a table in most procedural scripting languages (Perl,Python,Ruby). Because it supports stacked queries when combined with PHP, it is possible to use SQL injection to install an SQL backdoor or plugin.
