SQL Injection Where You Wouldn’t Have Thought It Possible

David Litchfield just released a new paper: “A New Class of Vulnerability in Oracle: Lateral SQL Injection“. It’s a quick read at only 4 pages and very well explained if you’re a pentesting-type.  Well worth a read.

Oracle SQL Injection Cheat Sheet

Some useful syntax reminders for SQL Injection into Oracle databases…