Comments on: 50 Ways to Inject Your SQL http://www.cigital.com/justiceleague/2009/06/16/50-ways-to-inject-your-sql/ The Cigital Software Security and Quality Blog Fri, 15 Jan 2010 15:00:13 +0000 http://wordpress.org/?v=2.9.2 hourly 1 By: 50 Ways to Inject Your SQL « Erich sieht http://www.cigital.com/justiceleague/2009/06/16/50-ways-to-inject-your-sql/comment-page-1/#comment-13792 50 Ways to Inject Your SQL « Erich sieht Sun, 05 Jul 2009 15:20:34 +0000 http://www.cigital.com/justiceleague/?p=187#comment-13792 [...] (direct link, found here) [...] [...] (direct link, found here) [...]

]]> By: gem http://www.cigital.com/justiceleague/2009/06/16/50-ways-to-inject-your-sql/comment-page-1/#comment-13781 gem Tue, 16 Jun 2009 19:10:55 +0000 http://www.cigital.com/justiceleague/?p=187#comment-13781 Paco assures me that "rime" is interchangeable with "rhyme." In fact, he says: > If you look it up in the dictionary, it says “See: rhyme.” [smiley elided] > It’s just an alternative/antiquated spelling. I had an poetry book in English > class in high school where they always spelled it rime and it drove me crazy. > I’m “paying it forward.” [second smiley elided] As a person who is spelling challenged (to say the least) I have no choice but to believe him. gem Paco assures me that “rime” is interchangeable with “rhyme.” In fact, he says:

> If you look it up in the dictionary, it says “See: rhyme.” [smiley elided]

> It’s just an alternative/antiquated spelling. I had an poetry book in English > class in high school where they always spelled it rime and it drove me crazy. > I’m “paying it forward.” [second smiley elided]

As a person who is spelling challenged (to say the least) I have no choice but to believe him.

gem

]]> By: Zacharias http://www.cigital.com/justiceleague/2009/06/16/50-ways-to-inject-your-sql/comment-page-1/#comment-13779 Zacharias Tue, 16 Jun 2009 17:19:21 +0000 http://www.cigital.com/justiceleague/?p=187#comment-13779 Hello, Unrealated to SQL Injection, there may be a more convenient way to turn your thick clent into the admin, or higher privileged user equivalent depending on how it's written by using something like HawkEye (http://www.acorns.com.au/Projects/Hawkeye/). From there, and depending on how your app is written, you may be allowed to access admin only functions from the front-end. ./Z Hello,

Unrealated to SQL Injection, there may be a more convenient way to turn your thick clent into the admin, or higher privileged user equivalent depending on how it’s written by using something like HawkEye (http://www.acorns.com.au/Projects/Hawkeye/). From there, and depending on how your app is written, you may be allowed to access admin only functions from the front-end.

./Z

]]>