Platinum Sponsor

SQL Injection from website to SQL Server

SQL Injection is still one of the biggest reasons various websites and applications get hacked.
The solution as everyone tells us is simple. Use SQL parameters. But is that enough?

In this session we'll look at how would an attacker go about using SQL Injection to gain access to your database, see its schema and data, take over the server, upload files and do various other mischief on your domain.
Presented by Mladen Prajdić at SQLBits XI
Tags (no tags)
  • Downloads
    Sorry, there are no downloads available for this session.
  • SpeakerBIO
    Mladen_Prajdic.png
    Mladen Prajdić is a SQL Server MVP from Slovenia and a C# and SQL Server developer for over 10 years. He blogs at http://weblogs.sqlteam.com/mladenp. He develops a popular add-in for SSMS, called SSMS Tools Pack (http://www.ssmstoolspack.com/).
    http://weblogs.sqlteam.com/mladenp http://feeds.feedburner.com/mladenp
  • Video
    The video is not available to view online.
  • Session Files Explorer
    The network name cannot be found.