Was there a seminal paper on SQLi? (e.g. the SQLi equiv of Aleph One's "Smashing The Stack For Fun And Profit" on overflows)? #crowdsource
Replying to @attritionorg
@attritionorg I think that would be the SPI Dynamics paper. Don't have a link handy right now, sorry.
Replying to @dan_crowley
@dan_crowley http://is.gd/by09fV in 2002, good reference. that may be it. still digging!
Replying to @attritionorg
@attritionorg @dan_crowley I'd be inclined to say http://www.phrack.org/issues.html?id=8&issue=54 … for first paper or http://www.nccgroup.com/media/18418/advanced_sql_injection_in_sql_server_applications.pdf … from 2002
Replying to @raesene
@raesene @attritionorg I think the question wasn't of which paper was first, but rather the most seminal paper. RFP is awesome tho.
Replying to @dan_crowley
@dan_crowley @attritionorg true, I think of the NGS one as seminal as it was the 1st I saw to really break down SQLi in detail.
@raesene @dan_crowley I think it will be ~ 50/50 between NGS and SPI, simply based on which was read first