Although I wouldn't consider myself a SQL Server expert, like any good developer, I know my way around stored procedures, database normalization, and proper indexing techniques. Occasionally, I get questions from customers about SQL injection attacks. The questions are usually along the lines of: "What is SQL injection?" or "Is it really a big concern?" I can tell you that it is a very big concern, and if you're writing web applications (on any platform), it would be irresponsible not to familiarize yourself with the exploit.
Mike Gunderloy's The Daily Grind 533 references a good introductory article titled SQL Injection Attacks by Example by Stephen J. Friedl. Although the article is posted on a Unix tech tips site, its content is nonetheless germane to almost any web application on any platform. His example illustrates a SQL injection exploit on IIS 6, ASP.NET, and SQL Server.
Here are some other resources that I typically forward to curious developers:
But, if you really want to freak out (or if you want to demonstrate to management how critical it is to worry about such issues), download the free proof-of-concept tool called Data Thief from Application Security, Inc. and a related whitepaper titled Manipulating Microsoft SQL Server Using SQL Injection. I saw this tool demonstrated at an internal security event, and the first thing that popped into my mind was: "This is Enterprise Manager for hackers." Scary stuff.
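To make the exploit the post refers to concrete, here is an added example (not code from the original post, from Friedl's article, or from any of the tools named above). It uses an in-memory SQLite database as a stand-in for SQL Server, with a constructed `users` table, and contrasts the string-concatenated login query typical of legacy ASP pages with the parameterized form; the same fix applies on ADO.NET via command parameters.

```python
import sqlite3

# Constructed stand-in for the SQL Server backend discussed in the post;
# the schema and rows are invented for this example.
def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)",
                     [("alice", "s3cret"), ("bob", "hunter2")])
    return conn

def login_vulnerable(conn, username, password):
    # Legacy pattern: user input is pasted into the statement text, so a
    # quote in the input becomes SQL syntax instead of data.
    sql = ("SELECT COUNT(*) FROM users WHERE username = '" + username +
           "' AND password = '" + password + "'")
    return conn.execute(sql).fetchone()[0] > 0

def login_parameterized(conn, username, password):
    # Hardened form: placeholders are bound by the driver, so the input
    # is always compared as a literal value, quotes and all.
    sql = "SELECT COUNT(*) FROM users WHERE username = ? AND password = ?"
    return conn.execute(sql, (username, password)).fetchone()[0] > 0

def demo():
    conn = make_db()
    # Textbook tautology probe: with concatenation the WHERE clause becomes
    # ... AND password = '' OR '1'='1', which matches every row.
    probe = "' OR '1'='1"
    return {
        "valid_vuln": login_vulnerable(conn, "alice", "s3cret"),
        "valid_param": login_parameterized(conn, "alice", "s3cret"),
        "probe_vuln": login_vulnerable(conn, "nobody", probe),
        "probe_param": login_parameterized(conn, "nobody", probe),
    }

if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {'login accepted' if ok else 'login rejected'}")
```

Both versions accept the real credentials; only the concatenated version also accepts the probe, which is the flaw the whitepaper and tools above exploit.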
Hi Mike,
I work as a System Engineer at a major ISP company, and we are hosting a large number of legacy ASP applications which contain SQL Injection flaws. I always suggest that clients solve the problem by hardening the source code, but 9 out of 10 times they don't have the resources. I have been using this tool when clients agree:
http://www.codeplex.com/IIS6SQLInjection
So far it seems to be working and I have not had problems, except that I cannot install it on 64-bit Windows. Have you heard about this tool? Is there a way to make it work on 64-bit? The source code is there, but I am not good at C++.
Thanks,
P.S.: I am not using my real name to avoid problems with my clients.