Talk:OWASP Testing Guide v2 Table of Contents - Revision history

Vanderaj at 01:22, 16 January 2007

2007-01-16T01:22:41Z

Woodmi: added to wrong discussion page, should be on AJAX testing discussion board

2007-01-11T20:15:04Z

added to wrong discussion page, should be on AJAX testing discussion board

Woodmi at 20:12, 11 January 2007

2007-01-11T20:12:44Z

Woodmi at 20:09, 11 January 2007

2007-01-11T20:09:39Z

New page

I believe that publishing this SQL injection as a test method is extremely dangerous. While professional testers know not to drop tables from databases, inexperienced testers or malicious users could attempt this on sites with potentially disastrous effects.

<pre>
SELECT id FROM users WHERE name='' AND pass=''; DROP TABLE users;
</pre>

I would recommend using a more benign SQL injection example, such as:

<pre>
SELECT id FROM users WHERE name=''or+1=1--' AND pass='';
</pre>

← Older revision	Revision as of 01:22, 16 January 2007
Line 1:	Line 1:
−	+	The ToC must have a authZ chapter. There's plenty of authZ content, just needs to be moved from business logic testing to a new chapter. [[User:Vanderaj\|Vanderaj]] 20:22, 15 January 2007 (EST)

← Older revision		Revision as of 20:15, 11 January 2007
Line 1:		Line 1:
−	I believe that publishing this SQL injection as a test method is extremely dangerous. While professional testers know not to drop tables from databases, inexperienced testers or malicious users could attempt this on sites with potentially disastrous effects.

−	~~<pre>~~
−	~~SELECT id FROM users WHERE name='' AND pass=''; DROP TABLE users;~~
−	~~</pre>~~
−
−	~~I would recommend using a more benign SQL injection example, such as:~~
−
−	~~<pre>~~
−	~~SELECT id FROM users WHERE name=''or+1=1--' AND pass='';~~
−	~~</pre>~~
−
−	~~This isn't the best example either as it may allow someone to log into a site, but it's better than dropping the users table. Then again, all SQL injection is dangerous.~~

← Older revision		Revision as of 20:12, 11 January 2007
Line 10:		Line 10:
	SELECT id FROM users WHERE name=''or+1=1--' AND pass='';		SELECT id FROM users WHERE name=''or+1=1--' AND pass='';
	</pre>		</pre>
		+
		+	This isn't the best example either as it may allow someone to log into a site, but it's better than dropping the users table. Then again, all SQL injection is dangerous.