Research and Development

Slides presented by Alberto Revelli at OwaspDay II in Rome, 31/03/2008. They describe some SQL Injection tricks that can be used to get a full access to the DB server’s operating system. The examples are mainly focused on MS SQL Server, but the concepts are valid for other DBMS as well.


Request to be added to the Portcullis Labs newsletter

We will email you whenever a new tool, or post is added to the site.

Your Name (required)

Your Email (required)