sql injection - Page 2
Page 2 of 2 FirstFirst 12
Results 11 to 13 of 13

Thread: sql injection

  1. #11
    AO BOFH: Luser Abuser BModeratorFH gore's Avatar
    Join Date
    Oct 2002
    Location
    Michigan
    Posts
    7,177
    Or if you played me in Doom or Doom2 you'd need one to calculate how much money you owed me

    Just for the sake of discussion, you could probably very easily set up one of your many machines with Perl, Apache, and basically make a script do the same thing could you not?

    I mean I'm no coder, but even I know a little Perl and how to make it do a few things similar to that if I have a reference.

    Or also, you could probably use a shell script to do something similar too couldn't you?

    A text file and a script could probably do this. Maybe not as "nice" but it's possible I'm sure.

    Also, I'm not trying to say Database servers have NO reason to be around, I'm simply someone who really hasn't ever came across a real need for one. Everything I do I can usually do without one, and that includes keeping track of my VERY large Horror movie collection.

    I use a text file to do it I have it numbered so I know how many there are, and then I put the title of the movie, the year of the one I have (I have multiple copies of a lot of them) and if it's black and white or color, and also what format it's in.

    Now, on most UNIX based systems I can just as easy make it something I can search through:

    awk 'BEGIN {FS="~"} $3 == "GrindHouseReleasing"\
    {printf "%s\n%s\n$s, $s $s\n\n",$1,$2,$3,$4,$5,}' MyCollection.txt | lp

    That should search the text file for whatever I'm looking for and give me listings based on what I wanted to find. Since I have every line of that file written in a syntax exactly the same as the others, it could find stuff based on years released, color or not, DVD or not and Zombie flick or not.

    So really I could take that movie collection and make a database for it, but why? Obviously I don't want to type all that crap, hell I didn't want to in the reply, but it shows what you can do without using one. And I could very easily turn that into a Perl script, and even build options where I run the script, press 1 or something to do a search, tell it what I want and have it do the work for me.
    Kill the lights, let the candles burn behind the pumpkins’ mischievous grins, and let the skeletons dance. For one thing is certain, The Misfits have returned and once again everyday is Halloween.The Misfits FreeBSD
    Cannibal Holocaust
    SuSE Linux
    Slackware Linux

  2. #12
    Right turn Clyde Nokia's Avatar
    Join Date
    Aug 2003
    Location
    Button Moon
    Posts
    1,696
    I have MSSQL 2005, Oracle 10g, MySql and thinking of getting DB2 at home......wouldn't have a clue how to use them properly and actually store data in em' but could root them and get your SAM or shadow file via em easy enough...
    Drugs have taught an entire generation of kids the metric system.

    http://tazforum.**********.com/

  3. #13
    THE Bastard Sys***** dinowuff's Avatar
    Join Date
    Jun 2003
    Location
    Third planet from the Sun
    Posts
    1,250
    I have Oracle 9i, (gave up on Oracle because of the license fees) I use M$SQL 2000. I dump my online banking info into SQL, Car, house, life insurance info. I have a small recipe asp app - a home grown calendar - reminder app. Pretty much for scheduling the kids. Ballet, T-Ball, Socker, hot lunch, days off yadda yadda. I needed something with the power of Outlook - project but easy enough the wife and the 6 year old could use. Ended up writing that over a few weeks.

    Biggest benefit for running a database is taxes. For me anyway. I have three different portfolio's two different banks and multiple accounts with in each bank. I have to report income, gains, losses, interest - all sorts of stuff. Taxes take me less than two hours to prepare. Every few years, I hire a tax accountant to verify my work. They usually charge me for 5 hours.

    I have MySql but don't play with it unless someone needs help with their apps and I need a test bed.

    Lot's of other stuff live on my SQL DB.
    09:F9:11:02:9D:74:E3:5B8:41:56:C5:63:56:88:C0

Similar Threads

  1. Shoestring SQL Injection Prevention
    By catch in forum The Security Tutorials Forum
    Replies: 27
    Last Post: August 9th, 2006, 08:01 AM
  2. SQL Tutorial – Basics
    By mikester2 in forum Other Tutorials Forum
    Replies: 5
    Last Post: January 31st, 2005, 12:16 PM
  3. Heads Up - Cumulative Patch for Microsoft SQL Server (815495)
    By CXGJarrod in forum Microsoft Security Discussions
    Replies: 0
    Last Post: July 23rd, 2003, 10:00 PM
  4. SQL Injection
    By sambeckett in forum AntiOnline's General Chit Chat
    Replies: 1
    Last Post: February 13th, 2003, 07:53 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •