An investigation into PL/SQL Injection.
Paterson, Ross; Leimich, Petra
SQL injection is a common attack method used to leverage infor-mation out of a database or to compromise a company’s network. This paper investigates four injection attacks that can be conducted against the PL/SQL engine of Oracle databases, comparing two recent releases (10g, 11g) of Oracle. The results of the experiments showed that both releases of Oracle were vulner-able to injection but that the injection technique often differed in the packages that it could be conducted in.
Paterson, R., & Leimich, P. (2013). An investigation into PL/SQL Injection.
|Conference Name||CyberForensics 2013: 3rd International Conference on Cybercrime, Security and Digital Forensics|
|Start Date||Jun 10, 2013|
|End Date||Jan 11, 2013|
|Acceptance Date||May 25, 2013|
|Deposit Date||Jun 8, 2016|
|Peer Reviewed||Peer Reviewed|
|Keywords||Oracle; PL/SQL; SQL Injection; Database Security; Code Injection;|
You might also like
Fast Forensic Triage Using Centralised Thumbnail Caches on Windows Operating Systems
A Forensic Audit of the Tor Browser Bundle
Reducing the Impact of Network Bottlenecks on Remote Contraband Detection
Sub-file Hashing Strategies for Fast Contraband Detection
Fingerprinting JPEGs With Optimised Huffman Tables