Anyone know who wrote the original paper on SQLi? (for @attritionorg)
@manicode Slight debate, RFP's in Phrack54 or SPI Dynamics' paper in 2002. Those seem to be the candidates.
@attritionorg @manicode What about 'Advanced SQL Injection' by Chris Anley circa 2002?
@clappymonkey @manicode that is the SPI paper
@attritionorg @manicode Additionally, are you sure? Chris Anley was NGS Software not SPI, no?
@clappymonkey @manicode crap you are right. Kevin Spett was SPI. Let me dig up Anley's paper then.
@attritionorg @manicode No probs... I was NGS at the time, hence the memory ;)
@clappymonkey @manicode Yep, good pointer, appreciate it!
End of conversation
New conversation
@attritionorg I consider RFP's Phrack article "more seminal" than SPI Dynamics' /cc @BinaryParadox
@SushiDude overflows were mentioned and used before A1's paper, but his set the tone. RFP's did not lead to mass disclosure of SQLi.
@attritionorg are you stealing my research idea on the influence of seminal papers on mass disclosure? GET OUT OF MY HEAD!
@SushiDude yes and no! the SQLi is curiosity after reading an article. yes, been scheming for a bigger project but not quite that...
End of conversation
New conversation
@attritionorg I think that would be the SPI Dynamics paper. Don't have a link handy right now, sorry.
@dan_crowley http://is.gd/by09fV in 2002, good reference. that may be it. still digging!
@attritionorg @dan_crowley huh, that link is magically not working for me
@maradydd @dan_crowley the SPI paper can be found at http://is.gd/l6qMfZ (no longer available on SPI/HP site it seems)
End of conversation
New conversation
@attritionorg I thought this was RSnake's baby?
@pjhartlieb have a link to his earliest SQLi paper/blog/etc?
@attritionorg http://www.phrack.org/issues.html?issue=54&id=8#article … <--- "NT Web technology Vulnerabilities" Phrack 54 1998 ... maybe not seminal but earliest ref.?
@pjhartlieb right, RFP definitely has first, but it didn't spawn SQLi findings everywhere. 2002 was the first big wave of disclosures
@attritionorg ah .. Now I see what you need ... A what did everyone hear / see that year
End of conversation