Archive for January, 2008

sql injection: inference attack (part 2)

Sunday, January 27th, 2008

In the previous article of this series (sql injection: inference attack) we saw an introduction to the concept of SQL inference attacks. In security advisory: Plogger Photo Gallery SQL Injection we saw that the Plogger Photo Gallery SQL injection vulnerability was an ideal scenario to study SQL inference attacks.

Now it’s time to see a hands-on example of how to exploit a SQL injection vulnerability using this technique. Please note that the intended audience of this article is security researchers who want to gain a deeper knowledge of the nature and internals of SQL inference attacks.

ruby ToDo list

Thursday, January 24th, 2008

I have created a small Ruby on Rails application to keep track of my personal “ToDo” list of tasks. The idea is to split your different tasks into categories (i.e. important & urgent, not important & urgent, etc.) and have a web front end in which you can get a nice view of your pending tasks.