An investigation into PL/SQL Injection.

Research Output

SQL injection is a common attack method used to leverage infor-mation out of a database or to compromise a company’s network. This paper investigates four injection attacks that can be conducted against the PL/SQL engine of Oracle databases, comparing two recent releases (10g, 11g) of Oracle. The results of the experiments showed that both releases of Oracle were vulner-able to injection but that the injection technique often differed in the packages that it could be conducted in.

Publication Status:

Published
Library of Congress:

QA75 Electronic computers. Computer science
Dewey Decimal Classification:

005.4 Systems programming and programs

http://researchrepository.napier.ac.uk/output/186996 <p>Paterson, R. & Leimich, P. (2012). An investigation into PL/SQL Injection. ISBN 978-0-947649-97-5</p>

Citation

Paterson, R. & Leimich, P. (2012). An investigation into PL/SQL Injection. ISBN 978-0-947649-97-5

Authors

Dr Petra Leimich

Lecturer
School of Computing Engineering and the Built Environment

0131 455 2593

P.Leimich@napier.ac.uk

Keywords

Oracle; PL/SQL; SQL Injection; Database Security; Code Injection;

Monthly Views:

Available Documents

pdf

PL_SQLi_Cyberfor2013_camera_ready.pdf
File is currently unavailable , please contact p.leimich@napier.ac.uk to request a copy

225KB
Downloadable citations
HTML BIB RTF

Publication Status:

Library of Congress:

Dewey Decimal Classification:

Citation

Authors

Dr Petra Leimich

Keywords

Monthly Views:

PL_SQLi_Cyberfor2013_camera_ready.pdf File is currently unavailable , please contact p.leimich@napier.ac.uk to request a copy

Downloadable citations

PL_SQLi_Cyberfor2013_camera_ready.pdf
File is currently unavailable , please contact p.leimich@napier.ac.uk to request a copy