ABSTRACT

Database security has recently become A victim of misused search engines. This can be accomplished simply by searching for a URL containing the name of the vulnerable web page or application. Oracle ships several sample web applications along with its databases. The security holes in these applications allow a web user to exploit SQL Injection to submit arbitrary SQL statements to the database. These applications are enabled by default, listening on port 7777, and known to be vulnerable to SQL Injection. This paper focuses on exploiting search engines to attack oracle database using SQL injection technique from web applications, when a website is vulnerable by SQL injection and this side is connected by oracle database vulnerable by SQL injection.

Keywords: - Search engine, WAF, ODF, Vulnerability, SQL injection.