Detecting SQL Injection in Oracle

by Pete Finnigan
Sept. 25, 2017 1 comment Symantec Pen Testing & Audits oracle sql injection

Last year I wrote a two-part paper about SQL Injection and Oracle. That paper explored which SQL injection techniques are possible with Oracle, gave some simple examples on how SQL injection works and some suggestions on how to prevent attackers and malicious employees using these methods. Those SQL Injection papers can be found here: "SQL injection and Oracle - part one" "SQL injection and Oracle - part two" This paper takes the subject further and investigates the possibilities for the Oracle Database Administrator (DBA) to detect SQL injection in the wild against her Oracle database. Is it possible to detect SQL injection happening? If so what tools and techniques can be employed to achieve this? The main focus of this paper is to explore some simple techniques in extracting logging and trace data that could be employed for monitoring. The aim is to show the reader what data is readily available so they can make their own mind up about what can be useful.

https://www.symantec.com/connect/articles/detecting-sql-injection-oracle

Avatar
2flash 7 months, 3 weeks ago

Your article seems pretty well documented and still quite actual (even if written some time ago). Thanks for the upload!

Reply