publication . Other literature type . Other ORP type . 2019

A Study of Out-of-Band Structured Query Language Injection

Lee Chun How;
Open Access
  • Published: 23 Aug 2019
Abstract
Out-of-Band (OOB) Structured Query Language (SQL) Injection is an exploitation to exfiltrate data from database through different outbound channel. Common channel use by OOB SQL Injection for data exfiltration are through Domain Name Server (DNS) and HyperText Transfer Protocol (HTTP) channels. This type of SQL injection should address properly due to the impact is on the par with traditional methods. OOB SQL Injection impacts on database systems with insufficient of input validation control in place and allowed access to public, either DNS or HTTP protocol. Test cases and recommendation for remediation have been discussed in this paper in order to raise awarene...
Persistent Identifiers
Subjects
ACM Computing Classification System: InformationSystems_DATABASEMANAGEMENT
free text keywords: SQL Injection, Out-of-Band, Input Validation, DNS, HTTP, SQL Injection, Out-of-Band, Input Validation, DNS, HTTP
Download fromView all 1 versions
Open Access
Zenodo
Other ORP type . 2019
Provider: Datacite
Open Access
ZENODO
Other literature type . 2019
Provider: ZENODO
Any information missing or wrong?Report an Issue