Posted by jpluimers on 2025/03/06
2.5 years after Miguel summarised the state of AI text models, and given SQL Injection (because of mixing control and data channels) is still a thing in the 2020s, I wonder both how much improvement there has been on the AI side of things and how much it is used in pen testing.
So I archived the below tweets to be able to read back and figure out the current state.
[Wayback/Archive] Miguel de Icaza on Twitter: “This is so beautiful – SQL Injection attacks but for GPT-3 and other AI text models.”:
Posted in AI and ML; Artificial Intelligence & Machine Learning, Blue team, Database Development, Development, Pen Testing, Power User, Red team, Security, Software Development, SQL
Posted by jpluimers on 2025/02/11
For my link archive: [Wayback/Archive] Payload Box.
It has lots of examples on payloads for various kinds of injections that are excellent teaching material.
Covered are Cross Site Scripting (XSS), SQL Injection, Server Side Template Injection, RFI/LFI, Command Injection, CSV Injection, Directory, Open Redirect and XML External Entity (XXE) Injection.
Got there when inspired by:
Posted in Blue team, Database Development, Development, Power User, Red team, Security, Software Development, SQL, Web Development
Posted by jpluimers on 2025/01/23
I love how Kristian Köhntopp often turns a series of valuable tweets into a blog post. [Wayback/Archive] MySQL: Boiling JFrogs | Die wunderbare Welt von Isotopp is no different and has much more than the few quotes below (especially about the process of finding the solutions):
Posted in Database Development, Development, MySQL, Profiling, Profiling-Performance-Measurement, Software Development
Posted by jpluimers on 2025/01/07
For my link archive: [Wayback/Archive] MySQL: Row Literals | Die wunderbare Welt von Isotopp
Question on the Libera/#mysql IRC channel:
Is there a way to split a simple select into multiple returned rows? For example, select 1, 2, 3 to be returned as rows?
This is actually asking for a table literal notation. I know of four ways to construct a table literal in MySQL:
They are based on UNION ALL, JSON_TABLE and the VALUES statement (the latter in two forms). I knew about the first (which I used in other database environments), not about the others.
Posted in Database Development, Development, MySQL, SQL
Posted by jpluimers on 2024/08/29
A friend of mine needed to figure out SQL Server deadlocks a while ago.
I hadn’t been doing stuff like this for quite some time, but remembered that unlike old SQL Server days, it had become relatively easy.
These links show you how:
Query:
[Wayback/Archive] sql server find deadlock history – Google Search
--jeroen
Posted in Database Development, Development, Software Development, SQL Server, SQL Server 2012, SQL Server 2014
Posted by jpluimers on 2024/08/07
At the time of writing a lot of this might be more recent, but for quite some time codepoints.net had not been updated with code point information from newer Unicode releases.
Basically it was stuck at Unicode version 8.0 with some 120k glyphs. At the time of writing Unicode version 15.0 is in beta and the difference between 15.0 and 8.0 is some 24k glyphs.
So I had a quick Twitter chat with the author and jotted down the links in this blog post so I won’t forget them.
There I learned it was open source (I think it is the only Unicode codepoint site that is).
Here it goes:
Posted in *nix, *nix-tools, Apache2, codepoints.net, Conference Topics, Conferences, Database Development, Debian, Development, DVCS - Distributed Version Control, Encoding, Event, GitHub, Linux, MySQL, PHP, Power User, Scripting, Software Development, Source Code Management, Unicode, Web Development