Comments on: ‘strings’ to the rescue http://www.pythian.com/news/3791/strings-to-the-rescue/ News and views from Pythian DBAs Fri, 10 Feb 2012 13:01:25 +0000 hourly 1 http://wordpress.org/?v=3.0.4 By: David Edwards http://www.pythian.com/news/3791/strings-to-the-rescue/#comment-380069 David Edwards Wed, 21 Oct 2009 16:07:11 +0000 http://www.pythian.com/news/?p=3791#comment-380069 You're obviously really onto something, Sheeri. See <a href="http://www.dailykos.com/storyonly/2009/10/20/795343/-Sequoia-Voting-Systems-hacks-self-in-foot" rel="nofollow">Sequoia Voting Systems hacks self in foot</a>: <blockquote>Sequoia Voting Systems has inadvertently released the SQL (Structured Query Language) code for its voting databases. The existence of such code appears to violate Federal voting law. [...] <blockquote>The Linux "strings" command was able to peel it apart. Nedit was able to digest 800meg text files. What was revealed was thousands of lines of MS-SQL source code that appears to control or at least influence the logical flow of the election...</blockquote></blockquote> You’re obviously really onto something, Sheeri. See Sequoia Voting Systems hacks self in foot:

Sequoia Voting Systems has inadvertently released the SQL (Structured Query Language) code for its voting databases. The existence of such code appears to violate Federal voting law. [...]

The Linux “strings” command was able to peel it apart. Nedit was able to digest 800meg text files. What was revealed was thousands of lines of MS-SQL source code that appears to control or at least influence the logical flow of the election…

]]> By: Sheeri Cabral http://www.pythian.com/news/3791/strings-to-the-rescue/#comment-372627 Sheeri Cabral Mon, 31 Aug 2009 14:31:45 +0000 http://www.pythian.com/news/?p=3791#comment-372627 strcp -- good question. I haven't ever run into false positives, but it's not a technique I use very frequently (maybe once every few months). theoretically it's possible, but at least for the mysql.user table and the mysql database in general, those tables don't tend to get highly fragmented. strcp — good question. I haven’t ever run into false positives, but it’s not a technique I use very frequently (maybe once every few months). theoretically it’s possible, but at least for the mysql.user table and the mysql database in general, those tables don’t tend to get highly fragmented.

]]> By: strcmp http://www.pythian.com/news/3791/strings-to-the-rescue/#comment-372388 strcmp Sun, 30 Aug 2009 13:39:41 +0000 http://www.pythian.com/news/?p=3791#comment-372388 do you get false positives with this method? is DELETE-d data overwritten by the storage engine or can you get matches on dead remnants in the table's free space? do you get false positives with this method? is DELETE-d data overwritten by the storage engine or can you get matches on dead remnants in the table’s free space?

]]>