SQL Injection Is Easy to Do
As we previously stated, SQL injection is the number-one security vulnerability globally as reported and tracked by the Open Web Application Security Project (OWASP; www.owasp.org). Because of this continued vulnerability, we decided to show you how to do SQL injection. However, keep in mind that we are showing you how to do it so that you can prevent this situation from happening to you. You need to make sure you include the vulnerability checks as a part of your coding and design reviews. Then this will never happen to you.
If you have a typical .NET forms application that prompts users to provide filter criteria to locate information, this is often a perfect place for hackers to add their own malicious code to ...
Get Microsoft® SQL Server 2008 R2 Unleashed now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.