Golgappa.net | Golgappa.org | BagIndia.net | BodyIndia.Com | CabIndia.net | CarsBikes.net | CarsBikes.org | CashIndia.net | ConsumerIndia.net | CookingIndia.net | DataIndia.net | DealIndia.net | EmailIndia.net | FirstTablet.com | FirstTourist.com | ForsaleIndia.net | IndiaBody.Com | IndiaCab.net | IndiaCash.net | IndiaModel.net | KidForum.net | OfficeIndia.net | PaysIndia.com | RestaurantIndia.net | RestaurantsIndia.net | SaleForum.net | SellForum.net | SoldIndia.com | StarIndia.net | TomatoCab.com | TomatoCabs.com | TownIndia.com
Interested to Buy Any Domain ? << Click Here >> for more details...

  1. Categories >> Software >> Security >> Computer Security
  2. Suggest New Category

If you were going to break into a database-based website, how would you do it?

Question Posted / chaitanya


If you were going to break into a database-based website, how would you do it?..

Answer / chaitanya

learning to break into your own systems so that you can pen test them yourself. While the exact methods are different for each type of database server and programming language, the easiest attack vector to test for first is an SQL injection technique. For example, if the input fields are not sterilized, just entering a specific set of symbols into a form field may be enough to get back data. Alternatively, depending again on how the site is written, using a specially crafted URL may be enough to get back data as well. Footprinting the server ahead of time can help in this task if it isn’t one you built yourself.

Is This Answer Correct ?    4 Yes 1 No

Post New Answer

More Computer Security Interview Questions

If you were going to break into a database-based website, how would you do it?

1 Answers  

What is meant by computer application?

0 Answers  

 What is your opinion on hacktivist groups such as Anonymous?

1 Answers  

What is the difference between closed-source and open-source? Which is better?

1 Answers  

What is data protection in transit vs data protection at rest?

1 Answers  

What is the Three-way handshake? How can it be used to create a DOS attack?

1 Answers  

What do you think of social networking sites such as Facebook and LinkedIn?

1 Answers  

 What is the difference between a vulnerability and an exploit?

1 Answers  

What is a spooler on a computer?

0 Answers  

What is an easy way to configure a network to allow only a single computer to login on a particular jack?

1 Answers  

1. Assume that passwords are selected from four-character combination of 26 alphabetic characters. Assume that an adversary is able to attempt passwords at a rate of one per second. a. Assuming no feedback to the adversary until each attempt has been completed, what is the expected time to recover the correct password? b. Assuming feedback to the adversary flagging an error as each incorrect character is entered, what is the expected time to discover the correct password?

0 Answers  

Is a console a computer?

0 Answers  

For more Computer Security Interview Questions Click Here
Categories
  • Computer Security Interview Questions Computer Security (58)
  • Mobile Security Interview Questions Mobile Security (9)
  • Hacking Interview Questions Hacking (33)
  • Security AllOther Interview Questions Security AllOther (4)