Golgappa.net | Golgappa.org | BagIndia.net | BodyIndia.Com | CabIndia.net | CarsBikes.net | CarsBikes.org | CashIndia.net | ConsumerIndia.net | CookingIndia.net | DataIndia.net | DealIndia.net | EmailIndia.net | FirstTablet.com | FirstTourist.com | ForsaleIndia.net | IndiaBody.Com | IndiaCab.net | IndiaCash.net | IndiaModel.net | KidForum.net | OfficeIndia.net | PaysIndia.com | RestaurantIndia.net | RestaurantsIndia.net | SaleForum.net | SellForum.net | SoldIndia.com | StarIndia.net | TomatoCab.com | TomatoCabs.com | TownIndia.com
Interested to Buy Any Domain ? << Click Here >> for more details...

  1. Categories >> Software >> Security >> Computer Security
  2. Suggest New Category

If you were going to break into a database-based website, how would you do it?

Question Posted / chaitanya

Answer Posted / chaitanya

learning to break into your own systems so that you can pen test them yourself. While the exact methods are different for each type of database server and programming language, the easiest attack vector to test for first is an SQL injection technique. For example, if the input fields are not sterilized, just entering a specific set of symbols into a form field may be enough to get back data. Alternatively, depending again on how the site is written, using a specially crafted URL may be enough to get back data as well. Footprinting the server ahead of time can help in this task if it isn’t one you built yourself.

Is This Answer Correct ?    4 Yes 1 No



Post New Answer       View All Answers


Please Help Members By Posting Answers For Below Questions

Is a console a computer?

994

What is data source in computer?

982

I run an SMB. I have 4 people in my entire company and a web-based store. I don’t have the time, patience or manpower to have a computer guy. Why should I care about exploits and computer jibberish?

2148

What is dora process in DHCP and how it works?

3049

What is a table in computer?

973

How would you login to Active Directory from a Linux or Mac box?

1819

What is meant by computer application?

942

What are accessories in computer?

952

What is the most commonly used computer application?

954

 What is Exfiltration?

1859

What is a driver in computer?

951

I’m the CEO of a Fortune 500 company. I make more in an afternoon than you make in a year. I don’t care about this stupid security stuff, it just costs time and money and slows everything down. Why should I care about this junk?

1763

1. Assume that passwords are selected from four-character combination of 26 alphabetic characters. Assume that an adversary is able to attempt passwords at a rate of one per second. a. Assuming no feedback to the adversary until each attempt has been completed, what is the expected time to recover the correct password? b. Assuming feedback to the adversary flagging an error as each incorrect character is entered, what is the expected time to discover the correct password?

2181

What are the most common computer applications?

931

What is database in a computer?

1002