ZIZI ‡‡‡ 선택과 집중~ ‡‡‡

SFX-SQLi (Select For XML SQL injection) is a new SQL injection technique which allows to extract the whole information of a Microsoft SQL Server 2005/2008 database in an extremely fast and efficient way.

This technique is based on the FOR XML clause, which is able to convert the content of a table into a single string, so its contents could be appended to some field injecting a subquery into a vulnerable input of a web application.

링크 : http://www.kachakil.com/papers/SFX-SQLi-en.htm

이 글과 관련있는 글을 자동검색한 결과입니다 [?]

• Html에 관한 글.. by sung329
• 이글루스 스킨 투명화할 줄 아시는 분; by Lzam
• properties by multy
• 스킨 조작 관련 도움 요청(해결) by 로리쿈
• 이글루 스킨 소스 by 스프