Oracle is like any other database product and, as a result, is vulnerable to SQL injection attacks. While Oracle fairs slightly better than some of the others, the following abuses can be inflicted on an Oracle database:
- UNIONS can be added to an existing statement to execute a second statement;
- SUBSELECTS can be added to existing statements;
- Existing SQL can be short-circuited to bring back all data. This technique is often used to gain access via third party-implemented authentication schemes;
- A large selection of installed packages and procedures are available, these include packages to read and write O/S files;
- Data Definition Language (DDL) can be injected if DDL is used in a dynamic SQL string;
- INSERTS, UPDATES and DELETES can also be injected; and,
- Other databases can be injected through the first by using database links.
On the other hand, the following abuses are not possible:
- Multiple statements are not allowed; and,
- It is also not possible to SQL inject a call that uses bind variables; this is therefore a good solution to most of the SQL injection issues.
No comments:
Post a Comment