If you were going to break into a database-based website, how would you do it?
- 1 Answers
- 5241 Views
- I also Faced
- E-Mail Answers
Answer Posted / chaitanya
learning to break into your own systems so that you can pen test them yourself. While the exact methods are different for each type of database server and programming language, the easiest attack vector to test for first is an SQL injection technique. For example, if the input fields are not sterilized, just entering a specific set of symbols into a form field may be enough to get back data. Alternatively, depending again on how the site is written, using a specially crafted URL may be enough to get back data as well. Footprinting the server ahead of time can help in this task if it isn’t one you built yourself.
| Is This Answer Correct ? | 4 Yes | 1 No |
Post New Answer View All Answers
What is the difference between a virus and a trojan?
What is a spooler on a computer?
What is database in a computer?
1. Assume that passwords are selected from four-character combination of 26 alphabetic characters. Assume that an adversary is able to attempt passwords at a rate of one per second. a. Assuming no feedback to the adversary until each attempt has been completed, what is the expected time to recover the correct password? b. Assuming feedback to the adversary flagging an error as each incorrect character is entered, what is the expected time to discover the correct password?
I’m the CEO of a Fortune 500 company. I make more in an afternoon than you make in a year. I don’t care about this stupid security stuff, it just costs time and money and slows everything down. Why should I care about this junk?
What is the most commonly used computer application?
What is dora process in DHCP and how it works?
A phonetic password generator picks two segments randomly for each six-letter password. The form of each segment is CVC (consonant, vowel, consonant), where V= < a, e, i, o, u > and C = (V.) ̅ What is the total password population? What is the probability of an adversary guessing a password correctly?
Is a console a computer?
What are the most common computer applications?
Does indexing slow down computer?
What are accessories in computer?
What is a driver in computer?
I run an SMB. I have 4 people in my entire company and a web-based store. I don’t have the time, patience or manpower to have a computer guy. Why should I care about exploits and computer jibberish?
What is a table in computer?
