Index

SYMBOLS AND NUMERICS

@@version variable (Sybase), 217218

|| (double pipe) with Windows Command Interpreter, 43

″ (double quotes) for SQL injection (Sybase), 220

# (hash mark) in #NISR... notation, 12

one-bit patch Trojan (MySQL), 302303

′ (single quote)

CHAR function to bypass quote filters (Sybase), 219220

SQL injection using (MySQL), 282

SQL injection using (SQL Server), 359362

SQL injection using (Sybase), 214215

three-byte patch backdoor (SQL Server), 370373

0x0A leading byte DoS (SQL Server), 357

0x08 leading byte heap overflow (SQL Server), 356357

A

accounts (DB2)

enabling lockout, 153154

on Linux, 109

OS accounts and default passwords, 110

accounts (Informix)

authorization, 163164

creating highly privileged accounts, 184

discovering server instance name, 160

accounts (MySQL)

columns_priv table, 270, 271

db table, 269270

hosts table, 270

one-bit patch altering authentication, 302303

password for root@localhost account, 322

principle of least privilege, 324

privilege model, 266272

removing non-root users, 322

renaming root account, 322

restricting by IP address, 323324

routine audit, 327

tables_priv table, 270271

user table, 266269, 272

accounts (Oracle)

changing default passwords, 90

database account authentication, 32

DBA privileged, 3334, 5759, 9395

DBSNMP, 27, 32, 36, 49

default accounts and passwords, 4849

default usernames and passwords, 447469

enabling user account lockout, 92

for Intelligent Agent, 32

MDSYS, 49, 6870

new account creation, ...

Get The Database Hacker's Handbook: Defending Database Servers now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial