4th - 7th March 2015

ExCeL London Exhibition and Convention Centre, London

SQL Injection from website to SQL Server

SQL Injection is still one of the biggest reasons various websites and applications get hacked.
The solution as everyone tells us is simple. Use SQL parameters. But is that enough?

In this session we'll look at how would an attacker go about using SQL Injection to gain access to your database, see its schema and data, take over the server, upload files and do various other mischief on your domain.
Presented by Mladen Prajdić at SQLBits XI
Tags (no tags)