SQL Injection: Out-of-Band Exploitation
Recently I had a fairly slow Time-Based SQL injection vulnerability ... so I recommend combining functions like SUBSTR() and HEX() to ensure that the length does not exceed the maximum allowed in...
#WordPress Table Prefix: Changing It Does Nothing to Improve Security
Using SQL injection, an attacker essentially gains the same level ... They do this: SELECT DISTINCT SUBSTRING(`TABLE_NAME` FROM 1 FOR ( LENGTH(`TABLE_NAME`)-8 ) ) FROM information_schema.TABLES WHERE...
Determine Which Cluster Node Failed
The following SQL statement shows how to use the sys.dm_pdw_component_health_active_alerts system view to find the name of the server that failed. SELECT SUBSTRING( component_instance_id, 2,...
How to Log and Monitor Your Server’s #Memory Usage without Using Third #Party...
You can easily identify which database in your SQL instance is consuming memory with the help ... SET @Count = 0 SET @pmv = '' set @amv = '' WHILE @Count <= LEN(@pm) BEGIN IF SUBSTRING(@pm,@Count,1)...
T-SQL Substring: Splicing a String from Another String
Transact-SQL or T-SQL is a way to run SQL statements on your database tables. SQL Server offers several string functions, which you should know to properly manipulate and work with your data. The...
String Comparisons in SQL: The Longest Common Substring.
I’ve always wanted a SQL function that tells me the longest substring shared between two strings. As a present to myself, I’ve written one. I hope someone else finds it useful. There are several...
SQL: Which part should I execute first in which manner?
proc sql; select distinct e.firstname ... 04mar2000'd and a.destination='CPH' and a.empid=b.empid and a.empid=c.empid and d.jobcategory=substr(c.jobcode,1,2) and d.state=b.state and d.empid=e.empid;
Timing-based Blind SQL Attacks
Using substr, every character in the string you’re trying to discover ... To run these queries against PgHero, the SQL needs to be wrapped in an appropriate cURL command:
How to Migrate SQL Server Database Fast and Completely
xp_cmdshell @finalscript In case of any database crashes during such migrations, do not hesitate to use SQL recovery tools like DataNumen SQL Recovery.
Oracle SQL Repeated words in the String
count ( * ) from (select regexp_substr ( col_name, '[^ ]+', 1, column_value ) result, col_name from table_name t , table ( cast ( multiset ( select distinct level from table_name x connect by level...
SQL SUBSTRING Function
The SQL SUBSTRING function is one of the SQL String Functions, which is used to return a specified number of characters from the given expression. The SUBSTRING function uses its third argument to decide,...
Optimizing Substring Search Performance in SQL Server
The requirement of searching data by part of the value is very common in business applications. All of us are familiar with it – users want to be able to search by entering just a few letters from the...
What's New in SQL Server 2016 (Database Engine)
SQL Server 2016 is a 64-bit application ... Parameters passed into string functions, such as into LTrim or Substring, in a native proc. Inline (meaning single statement) table-valued functions (TVFs)...