If you were going to break into a database-based website, how would you do it?
- 1 Answers
- 5212 Views
- I also Faced
- E-Mail Answers
Answer Posted / chaitanya
learning to break into your own systems so that you can pen test them yourself. While the exact methods are different for each type of database server and programming language, the easiest attack vector to test for first is an SQL injection technique. For example, if the input fields are not sterilized, just entering a specific set of symbols into a form field may be enough to get back data. Alternatively, depending again on how the site is written, using a specially crafted URL may be enough to get back data as well. Footprinting the server ahead of time can help in this task if it isn’t one you built yourself.
| Is This Answer Correct ? | 4 Yes | 1 No |
Post New Answer View All Answers
What are the most common computer applications?
What is a table in computer?
What is dora process in DHCP and how it works?
What is Exfiltration?
What is the most commonly used computer application?
What are accessories in computer?
What is the difference between a virus and a trojan?
A phonetic password generator picks two segments randomly for each six-letter password. The form of each segment is CVC (consonant, vowel, consonant), where V= < a, e, i, o, u > and C = (V.) ̅ What is the total password population? What is the probability of an adversary guessing a password correctly?
What is a driver in computer?
What is a spooler on a computer?
How would you login to Active Directory from a Linux or Mac box?
Does indexing slow down computer?
1. Assume that passwords are selected from four-character combination of 26 alphabetic characters. Assume that an adversary is able to attempt passwords at a rate of one per second. a. Assuming no feedback to the adversary until each attempt has been completed, what is the expected time to recover the correct password? b. Assuming feedback to the adversary flagging an error as each incorrect character is entered, what is the expected time to discover the correct password?
I’m the CEO of a Fortune 500 company. I make more in an afternoon than you make in a year. I don’t care about this stupid security stuff, it just costs time and money and slows everything down. Why should I care about this junk?
Is a console a computer?
