Category: Database

This category is made for almost all database used in the information security

Good Reads For Information Security Domain

For February 2016 OpenSSL Releases Security Advisory for Several Vulnerabilities Drupal Releases Critical Security Advisory for Multiple Vulnerabilities Google Project Zero: The Definitive Guide on Win32 to NT Path Conversion Angler Attempts to Slip The Hook

Tagged with: , ,

0wn!ng using xp_cmdshell

Background Well we all know “xp_cmdshell” and its history. It is a windows shell that gets spawns and uses string argument for command execution. The point is what the big deal? Impact The moment you get the access of the

Tagged with: ,

sp_rename in MS SQL Server

Background When ever we have to change anything in the database we mostly use Management Studio and do the changes. But its always handy to know some useful stored procedure and commands for this kind of stuff. In this article

Tagged with: ,

Creating Filegroups in SQL Server

Background Daily data transaction will eventually anticipate growth of the database and there will be a need to scale to support the large amount of data. When we start we usually start with a very small database, but if we

Tagged with: ,

Image to DataBase and from DataBase to PictureBox control (C#)

Background I have been asked about that how would you put an image directly into the database rather saving it in a file system, that’s number one. Then second one was, how would you show the same image or any

Read/Write application’s config file

It is very often that you thought of writing values back to your .NET application’s config file would be more convenient. But the framework only provides the simple methods for reading from the config file, but when it comes to

Tagged with: ,

Cannot set a credential for ‘sa’ (SQL Server 2005/2008)

As best security guidelines today I was changing the password for ‘sa’ account using SQL Server Management Studio (SSMS) and unexpectedly I got an error message. Msg 15535, Level 16, State 1, Line 1 Cannot set a credential for principal

Tagged with: , , ,

Adding & Modifying Column in MSQL Server 2008

In this post we will see some scenarios while updating or adding columns to your table in microsoft SQL Server 2008. At times it will also help you in the Microsoft SQL Server 2005 and some previous versions. Scenario 1:

Tagged with:

SQL Injection in Stored Procedure & Preventing from the same

Following is the small example of creating a stored procedure. ==================================================================== CREATE PROC sp_login (@loginid nvarchar(25),@password nvarchar(25)) AS DECLARE @SQLString VARCHAR(500) DECLARE @loginid VARCHAR(64) DECLARE @password VARCHAR(64) /* Build the SQL string once.*/ SET @SQLString = ‘SELECT * from cust_users

Tagged with: ,