IDS mailing list archives

Re: SQL injection Patterns

From: "Ravi Chunduru" <ravi.is.chunduru () gmail com>
Date: Mon, 30 Jun 2008 17:09:35 -0700

there may be many sources.  I got lot of understanding of SQL/XSS/LFI
and RFI attacks by going through signatures provided by
emergingthreats and IntruPro-IPS signatures. These signature look for
SQL/scripts using patterns. Also SQL injection cheat sheet is one
useful resource.

http://www.emergingthreats.net/rules/emerging-web_sql_injection.rules
http://wiki.intoto.com/intoto_wiki/tiki-index.php?page=IntruPro-IPS :
you can see signatures only after downloading and installing their
management application.

Ravi

On Sat, Jun 28, 2008 at 8:34 AM,  <nitish_mathur () gmail com> wrote:


I am studying SQL injection attacks. Generelly what patters in the incoming stream presents the occurence of SQL 
injection attacks.


Thanks in advance.


Nitish

------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw
to learn more.
------------------------------------------------------------------------


------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it 
with real-world attacks from CORE IMPACT.
Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw 
to learn more.
------------------------------------------------------------------------

Current thread:

Re: SQL injection Patterns M. GAD (Jul 01)
- <Possible follow-ups>
- Re: SQL injection Patterns Ravi Chunduru (Jul 01)
- Re: SQL injection Patterns Rick Zhong (Jul 02)