Skip to content

CheckPointSW/QueryOrientedProgramming

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
 
 
 
 
 
 

Repository files navigation

Intro

SQLite is one of the most deployed software in the world. However, from a security perspective, it has only been examined through the lens of WebSQL and browser exploitation. We believe that this is just the tip of the iceberg. In our long term research, documented http://research.checkpoint.com/select-code_execution-from-using-sqlite, we experimented with the exploitation of memory corruption issues within SQLite without relying on any environment other than the SQL language.

Query Oriented Programming

QOP is our approach in implementing common pwning primitives using nothing but SQL queries. We want to share with the community in the hope of encouraging researchers to pursue the endless possibilities of database engines exploitation.

Disclaimer

  • The code is meant to be used for educational purposes only
  • We are not encouraging any illegal activtiy
  • The code is provided “as is” without any support

About

Query Oriented Programming (QOP) gadgets for SQLite-based exploitation

Topics

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages