An investigation into PL/SQL Injection.

Paterson, Ross; Leimich, Petra

An investigation into PL/SQL Injection.

Paterson, Ross; Leimich, Petra

Authors

Ross Paterson

Dr Petra Leimich P.Leimich@napier.ac.uk
Lecturer

Abstract

SQL injection is a common attack method used to leverage infor-mation out of a database or to compromise a company’s network. This paper investigates four injection attacks that can be conducted against the PL/SQL engine of Oracle databases, comparing two recent releases (10g, 11g) of Oracle. The results of the experiments showed that both releases of Oracle were vulner-able to injection but that the injection technique often differed in the packages that it could be conducted in.

Citation

Paterson, R., & Leimich, P. (2013, June). An investigation into PL/SQL Injection. Presented at CyberForensics 2013: 3rd International Conference on Cybercrime, Security and Digital Forensics

Conference Name	CyberForensics 2013: 3rd International Conference on Cybercrime, Security and Digital Forensics
Start Date	Jun 10, 2013
End Date	Jan 11, 2013
Acceptance Date	May 25, 2013
Publication Date	2013
Deposit Date	Jun 8, 2016
Peer Reviewed	Peer Reviewed
Pages	57-64
ISBN	978-0-947649-97-5
Keywords	Oracle; PL/SQL; SQL Injection; Database Security; Code Injection;
Public URL	http://researchrepository.napier.ac.uk/id/eprint/10350

On the digital forensic analysis of the Firefox browser via recovery of SQLite artefacts from unallocated space (2012)
Presentation / Conference Contribution

Fingerprinting JPEGs With Optimised Huffman Tables (2018)
Journal Article

Editorial: TLAD 2015 (2015)
Presentation / Conference Contribution

Editorial: TLAD 2014 (2014)
Presentation / Conference Contribution

Editorial: TLAD 2013 (2013)
Presentation / Conference Contribution

Downloadable Citations

HTML

BIB

RTF

Authors

Abstract

Citation

You might also like

Downloadable Citations