Golgappa.net | Golgappa.org | BagIndia.net | BodyIndia.Com | CabIndia.net | CarsBikes.net | CarsBikes.org | CashIndia.net | ConsumerIndia.net | CookingIndia.net | DataIndia.net | DealIndia.net | EmailIndia.net | FirstTablet.com | FirstTourist.com | ForsaleIndia.net | IndiaBody.Com | IndiaCab.net | IndiaCash.net | IndiaModel.net | KidForum.net | OfficeIndia.net | PaysIndia.com | RestaurantIndia.net | RestaurantsIndia.net | SaleForum.net | SellForum.net | SoldIndia.com | StarIndia.net | TomatoCab.com | TomatoCabs.com | TownIndia.com
Interested to Buy Any Domain ? << Click Here >> for more details...

  1. Categories >> Software >> Security >> Computer Security
  2. Suggest New Category

If you were going to break into a database-based website, how would you do it?

Question Posted / chaitanya

Answer Posted / chaitanya

learning to break into your own systems so that you can pen test them yourself. While the exact methods are different for each type of database server and programming language, the easiest attack vector to test for first is an SQL injection technique. For example, if the input fields are not sterilized, just entering a specific set of symbols into a form field may be enough to get back data. Alternatively, depending again on how the site is written, using a specially crafted URL may be enough to get back data as well. Footprinting the server ahead of time can help in this task if it isn’t one you built yourself.

Is This Answer Correct ?    4 Yes 1 No



Post New Answer       View All Answers


Please Help Members By Posting Answers For Below Questions

1. Assume that passwords are selected from four-character combination of 26 alphabetic characters. Assume that an adversary is able to attempt passwords at a rate of one per second. a. Assuming no feedback to the adversary until each attempt has been completed, what is the expected time to recover the correct password? b. Assuming feedback to the adversary flagging an error as each incorrect character is entered, what is the expected time to discover the correct password?

2136

What is dora process in DHCP and how it works?

2991

I’m the CEO of a Fortune 500 company. I make more in an afternoon than you make in a year. I don’t care about this stupid security stuff, it just costs time and money and slows everything down. Why should I care about this junk?

1705

Does indexing slow down computer?

990

How would you login to Active Directory from a Linux or Mac box?

1778

What are the most common computer applications?

882

What is database in a computer?

955

What are accessories in computer?

905

What is data source in computer?

916

What is meant by computer application?

894

Is a console a computer?

945

I run an SMB. I have 4 people in my entire company and a web-based store. I don’t have the time, patience or manpower to have a computer guy. Why should I care about exploits and computer jibberish?

2088

What is a driver in computer?

896

What is a spooler on a computer?

1060

 What is Exfiltration?

1802