kubikpixel, 11 days ago to PostgreSQL

SQL Injection Cheatsheet:

This is an SQL injection cheatsheet with tried and true payloads / techniques that cover the 5 most popular database variants and their derivatives.

🔧 https://tib3rius.com/sqli

—
#MySQL #PostgreSQL #MSSQL #SQL #Server #Oracle #SQLite #cheatsheet #injection #data

stevensanderson, 1 month ago to stackoverflow

I was working on a problem today where I needed to pick out a department and a sub issue that were attached to each other as a single code in a comment.

I first went to use the traditional SUSTRING(comment_string, 1, 5) IN (my list of codes) but it was slow.

So off to work, I learned something new via #stackoverflow and learned to make a sarge-able LIKE with what ever I want in the narrower results.

Nice to learn something new.

#SQL #MSSQL #RegularExpressions #regex

phryk, 3 months ago to random

Do I know anybody who ever set up #MSSQL on a Linux box?

I already tried two different (officially supported) versions of Ubuntu and this piece of shit always dies when trying to run mssql-conf setup.

The "error log" contains a lot of shit that isn't actually errors, any error in there isn't of interest, the JSON files it stores for the crash point towards .dll files that obviously don't exist on a *nix box, strace gives me nothing of value and the core dumps aren't fucking core dumps… 🤮

nixCraft, 4 months ago to random

Which database do you have the most experience with? 🤔

0x58, 4 months ago to Cybersecurity

📨 Latest issue of my curated #cybersecurity and #infosec list of resources for week #02/2024 is out! It includes the following and much more:

➝ 🔓 🎽 Halara probes breach after hacker leaks data for 950,000 people
➝ 🔓 💥 #Mandiant's X Account Was Hacked Using Brute-Force Attack
➝ 🔓 🇵🇾 #Paraguay warns of Black Hunt #ransomware attacks after Tigo Business #breach
➝ 🇺🇸 💸 US SEC’s X account hacked to announce fake #Bitcoin ETF approval
➝ 🔓 🇨🇦 Toronto Zoo: Ransomware attack had no impact on animal #wellbeing
➝ 🔓 Mortgage firm loanDepot #cyberattack impacts IT systems, payment portal
➝ 🇫🇮 💸 #Finland warns of Akira ransomware wiping NAS and tape #backup devices
➝ 🇩🇰 🇷🇺 #Sandworm probably wasn’t behind Danish critical infrastructure cyberattack, report says
➝ 🇺🇦 🇷🇺 Pro-Ukraine hackers breach Russian ISP in revenge for #KyivStar attack
➝ 🇫🇷 🇺🇸 French Computer Hacker Jailed in US
➝ 🇳🇬 ⚖️ Nigerian gets 10 years for laundering millions stolen from elderly
➝ 🇹🇷 Turkish Hackers Exploiting Poorly Secured #MSSQL Servers Across the Globe
➝ 🇹🇷 🇳🇱 Turkish #Cyberspies Targeting Netherlands
➝ ☁️ 🇪🇺 #Microsoft Lets Cloud Users Keep Personal Data Within #Europe to Ease #Privacy Fears
➝ 🇺🇸 🇨🇳 #AI is helping US spies catch stealthy Chinese hacking ops, #NSA official says
➝ 🇱🇧 ✈️ Beirut Airport Screens Hacked with Anti-Hezbollah Message
➝ 🇸🇦 Saudi Ministry exposed sensitive data for 15 months
➝ 🇬🇷 #Greece to Establish New Authority to Counter Cyber-Attacks
➝ 🩹 #Siemens, #SchneiderElectric Release First #ICS Patch Tuesday Advisories of 2024
➝ 🐍 ☁️ New #Python-based FBot Hacking Toolkit Aims at #Cloud and #SaaS Platforms
➝ 🦠 📺 #YouTube Videos Promoting Cracked Software Distribute Lumma Stealer
➝ 🦠 🐧 #Linux devices are under attack by a never-before-seen worm
➝ 🦠 🇳🇱 Dutch Engineer Used Water Pump to Get Billion-Dollar #Stuxnet #Malware Into Iranian Nuclear Facility
➝ 🐡 🔐 DSA removal from #OpenSSH
➝ 🩹 #PatchTuesday
➝ 🐛 🔓 Actively exploited 0-days in #Ivanti VPN are letting hackers #backdoor networks
➝ 🔓 🔧 Hackers can infect network-connected wrenches to install ransomware
➝ 🇨🇳 🔓 #AirDrop cracked by #China, revealing phone number and email address of sender
➝ 🩹 #QNAP Patches High-Severity Flaws in QTS, Video Station, QuMagie, Netatalk Products
➝ 🐛 🔓 KyberSlash attacks put #quantum #encryption projects at risk

Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end ⬇️

https://infosec-mashup.santolaria.net/p/infosec-mashup-week-022024

shhalahr, 6 months ago to PostgreSQL

Speaking as someone that's primarily used #MySQL, are any of the other #SQL dialects REALLY so different that job ads need to specify which one? I've never had any actual problems the few times I've worked with #PostgreSQL or #MSSQL.

#jobSearch #overlySpecificRequirements

csharpfritz, 7 months ago to azure

Cross posting from the bird-site.

There's now a Free SQL Server service offering

Check it out at https://aka.ms/FreeDB

#database #mssql #azure #dotnet

supergarv, 8 months ago to PostgreSQL German

Ich würde gern für SQL-Kompatibilitätstests eine Query auf diversen #MySQL, #MariaDB, #SQLite, #Postgresql und evtl #MSSQL Instanzen laufen lassen.

Also bestenfalls(?) pro DB-Typ&Version ein Docker-Image auf eigenem Port. Gern direkt mit initialen DBs&Tabellen aus nem zentralen SQL-Dump. Dann kann ich ein PHP Script damit connecten und iterieren.

Sowas muss doch schonmal jemand gemacht haben und ein docker-compose dafür besitzen, zB für QA/Testing? Finde aber nix.

@isotopp @tim ?

kedare, 9 months ago to SQLServer

Am I the only one to really prefer #sqlserver #mssql compared to #postgresql and #mysql ? 😆

I love the features, quality of the tooling and backup management.

Just a shame than this one is not open source, and still waiting for ARM support (until that there is Azure SQL edge that is kind of equivalent).

And you what is your favorite and why ?

#developer #sre #devops #dba #database #dotnet #python

_, 10 months ago to cooking

This is my #introduction post. I definitely did not make any posts before this.

• He/him
• I enjoy #cooking a lot.
• I'm a #SoftwareEngineer doing #webdev and #mobiledev (#JavaScript, #JQuery, #ColdFusion, #MySQL, #MSSQL, #Flutter, #Dart).
• I like #manga, #anime, and #manhwa, #DnD, #MagicTheGathering, #EDH, #Wildermyth, #LeagueOfLegends (but ARAM shenanigans only!)
• Eclectic music tastes.
• Recognizes the benefits of going outside but struggles to do so.
• I write lists often.

ljrk, 11 months ago to linux

Anyone here good with #mono? I could now build #FOCA (use: https://github.com/ljrk0/FOCA/tree/linux) successfully on #Linux, after getting friendly help on #msbuild errors by @rainer (make sure the env var VERSION is unset).

I could now start an #mssql database running in a #podman #container :

$ podman run \  
 -e 'MSSQL_SA_PASSWORD=Iwonttellyou1234' \  
 -e "MSSQL_PID=Express" \  
 -e "ACCEPT_EULA=Y" \  
 -p 1433:1433 \  
--rm \  
 mcr.microsoft.com/mssql/server:2022-latest  

While the connection dialog (https://github.com/rusanu/dataconnectiondialog) wouldn't allow me to select SQL Server Authentication initially, editing the FOCA.exe.config to set Integrated Security=false in connectionString (which allows using something different than Windows Authentication/NTLM) fixed that issue.

Unfortunately, after logging in with user name to "SA" and logging in with the password, it instantly crashes. Starting it again, it instantly hangs. It does work through #wine though.

khalidabuhakmeh, 1 year ago to random

I'm asking for the #dotnet community that uses #mssql as their #database