954,597 Members — Technology Publication meets Social Media
Username:
Password:
Lost login information?
Have something to say? Contribute New Article Reply to this Article
3 Months Ago
0

Sql injection help

Hi everybody,
I found an error-based sql injection in my webserver.My database doesn't contain any private info.
I want to know if its possible to own my server just by using the info in information_shema.
Please tell me because i want to know if i have to fix it.I don't want to get hacked!
Thanks.
I can provide additional info if you need it.

Karlwakim
Junior Poster in Training
89 posts since Dec 2011
Reputation Points: 27
Solved Threads: 2
 
3 Months Ago
0

I'm not sure about taking control of your server from an SQL injection attack but you can easily lose your database. I can't remember the exact SQL code but I have seen scripts that can ascertain table names from the system tables. If you allow SQL injection attacks hackers can bypass your logins, pull out all the data, make all your data disappear, etc.

hericles
Practically a Posting Shark
823 posts since Nov 2007
Reputation Points: 136
Solved Threads: 168
 
3 Months Ago
0

Ok thanks,
I'm now fixing it

Karlwakim
Junior Poster in Training
89 posts since Dec 2011
Reputation Points: 27
Solved Threads: 2
 

This article has been dead for over three months

Post: Markdown Syntax: Formatting Help
You
View similar articles that have also been tagged:
 
© 2012 DaniWeb® LLC
Home | About Us | Contact Us | Terms of Service | Advertising Opportunities
RSS Feed RSS Feed