postgresql – Page 9 – WindowsTechs.com

How strong should a database password be?

Posted on December 17, 2017 by sermonion x

Seems like a trivial question, but I couldn’t find other questions that address the following.

So I’m simply asking, how strong would my (super user) database credentials ideally be? I simply figured out, that since all of m… Continue reading How strong should a database password be?→

Public guest user for PostgreSQL?

Posted on October 28, 2017 by Matthias Fripp

I manage an open-source software project that relies on data that I am happy to share with the public. The software is hosted on github.com, but the dataset is too large to host there. It is easiest to keep the dataset in the… Continue reading Public guest user for PostgreSQL?→

Is this a SQL Injection attack or is it some sort of bug?

Posted on September 29, 2017 by Petar

I was looking through some data in our database when I came across a bunch of weird user_id entries:

user_id
-1080) ORDER BY 1#
-1149 UNION ALL SELECT 79,79,79,79,79,79,79,79,79#
-1359′ UNION ALL SELECT 79,79,79,79,79,79,79,… Continue reading Is this a SQL Injection attack or is it some sort of bug?→

Is this a SQL injection attack or is it some sort of bug?

Posted on September 29, 2017 by Petar

I was looking through some data in our database when I came across a bunch of weird user_id entries:

user_id
-1080) ORDER BY 1#
-1149 UNION ALL SELECT 79,79,79,79,79,79,79,79,79#
-1359′ UNION ALL SELECT 79,79,79,79,79,79,79,… Continue reading Is this a SQL injection attack or is it some sort of bug?→

Telegram-based Katyusha SQL injection scanner sold on hacker forums

Posted on July 12, 2017 by Zeljka Zorz

Despite regularly achieving one of the top spots on the OWASP Top 10 list of the most critical web application security risks, injection vulnerabilities continue to plague database-driven web sites and get regularly exploited by attackers. And when we talk about injection attacks, SQL injections are the most prominent, mostly because SQL databases are ubiquitous, and the attackers often succeeding in dumping the contents of the entire database. “The severity of SQL Injection attacks is … More → Continue reading Telegram-based Katyusha SQL injection scanner sold on hacker forums→

Ubuntu server rooted – apparently running dllhost? (Mystery solved) [on hold]

Posted on April 5, 2017 by AdrianB

I setup a test Ubuntu VPS about a month ago to run DHIS2, running on top of PostgreSQL and Tomcat (https://docs.dhis2.org/master/en/implementer/html/installation.html). No other software was installed. A few days ago I got an… Continue reading Ubuntu server rooted – apparently running dllhost? (Mystery solved) [on hold]→