Alexander Kornbrust Oracle Security Blog

The following url contains a cheat sheet for Oracle SQL Injection. Not complete, some statements are a little bit complicated (e.g. SELECT table_name FROM all_tables WHERE TABLESPACE_NAME=’USERS‘ or SELECT username, FROM all_users UNION SELECT name, password FROM sys.user$, better: SELECT name, password FROM sys.user$ where type#=1).

This entry was posted on Dienstag, Oktober 2nd, 2007 at 21:21 and is filed under Oracle Security. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.