[Full-disclosure] How to compromise a Microosft site using SQL injection
Security Admin (NetSec)
secadmin at netsecdesign.com
Sun Jul 1 17:26:35 BST 2007
http://www.zone-h.org/content/view/14780/31/
Has the explanation, and a place to upload the HOW-TO video (with test
explanation) from the hacker, http://www.unbase.com/n/5725974396
Better than any class I have taken on Web application security. It is nice to know that SQL Server 2005 has its issues just like every other database server.
BTW, The hacker has a hotmail address in the HOW-TO video for you to contact him :)
SecAdmin
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20070701/79fde024/attachment.html
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: BitDefender.txt
Url: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20070701/79fde024/attachment.txt
Full-Disclosure is hosted and sponsored by Secunia.