Irregular Expressions:

SQL injection


March 29, 2011  9:50 PM

Blind SQL Injection on

Posted by: Dan O'Connor
blind sql injection, mysql hack, SQL injection

Weekend break-in at, there is a posting on the full disclosure mailing list here; The posting includes the structure of the db also usernames and password hashes.  I don't see any postings from acknowledging the...

August 16, 2010  5:02 PM

The SQL CAST statement..

Posted by: Dan O'Connor
sql, sql cast, SQL injection I have played with this before, the most effective method I found of blocking these was looking for the CAST statement itself. The statement at least from the ones that I was playing with all had a "CAST", "SET", "VARCHAR", and "EXEC".  I found...

July 8, 2010  11:50 AM

Posted by: Dan O'Connor
SQL injection,

There appears to have been more then a few SQL injection vulnerabilities on, The group responsible says that none of the information gained was sold or disseminated.  Still if you had an account there I...


Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: