A FuLLy-FaLtOo BloG
Tumbld and Maintained by Pratyush (FuLLy-FaLtOo). FaLtOo is a Hindi word meaning "Crappy".
feedback at pratyush [AT] fully-faltoo [DOT] com
Powered by
Tumblr
Theme
by
Heather Rivers
SQL Injection - Is your site protected from it ? [Hacking]
Little time back we had written on how to hack BSNL Dataone accounts (the National Internet Backbone) and how to save your own account. Today we will like to discuss about a little exploit which is quite common on the sites using SQL. The trick is called SQL Injection.
What is SQL Injection ?
SQL injection is an attack in which malicious code is inserted into strings that are later passed to an instance of SQL Server for parsing and execution.
In other words:
“SQL Injection” is subset of the an unverified/unsanitized user input vulnerability (“buffer overflows” are a different subset), and the idea is to convince the application to run SQL code that was not intended.
Why SQL injection works ?
The reason SQL injection works is that whereas most systems separate code and data, SQL combines them together. All a hacker needs to do is include some of his own code with the data he sends to a website, then he can gain control of the website.
How to use it ?
Though there are many useful resources on the net, on of the simplest one is given below in the video.
Need to know more about it ?
Try these:
SQL Injection Attacks by Example
How to exploit the SQL Injection Attack
The purpose of the post is not to encourage hacking, but to get yourself equipped with knowledge to prevent your own site from such attacks. So beware of SQL INJECTION!
Get reminders on your mobile trough SMS or Voice Call – SMSlife.in
SMSlife.in is a cool new startup allowing you to “send free SMS – Voice - Xpressions and more”. It offers alerts and reminder services for mobiles through SMS and voice call. Thus it can be used as an alarm or a simple reminder service to get things done.
Using the alert feature you can save the Birthday and Anniversary alerts so that you don’t miss them again. The wishes will be sent to your friends and dear ones automatically, impressive – isn’t it ?
Using reminder service you can time a call which will remind you to go to the meeting or attend the function. In addition to these they also have an option of Xpressions. It is like Twitter for Indians :D, allowing you to write small messages of 160 characters.
Apart from these feature, it also allows you to send free SMS in India of 90 characters (followed by a small ad).
In there own words:
Why SMS life ?
Your battery may run down, your validity may have expired, you may not have charge.
But these things cannot keep you away from sending messages, now short messages are just a click away.
What more ?
You create your own phone book, your own favorite friends list etc;
Now you can access your virtual mobile anywhere, any time.
Overall SMSLife is a good and innovative idea. However adding a support of uploading the address book or synchronizing the features with Outlook calendar are some of the areas that can be considered to expand upon. Also the reminders sent are from the number of smslife.in, it would have been better if it was sent from the phone number of the user.
