Comment by hammock
6 years ago
Could someone devise a SQL injection attack using a custom-made license plate? I'm imagining someone printing up
x'; DROP TABLE drivers; --
on a plate, and driving up and down the highway past automated license-plate readers.
Already done in Poland.
https://reposti.com/i/m/0W.jpg
I have DBA registered in my local county. The DBA name is:
I had a lot of fun at Bank of America when I signed up for my business bank account shortly after registering the name. Not quite a license plate but similarly themed
Ah little Bobby drivers ...
It always makes me so happy to see a "little Bobby tables we call him" reference when data inputs are discussed!!!
I will assume that we are all aware of the Exploits of a Mom, but just in case we have anyone reading this that doesn't already appreciate XKCD: https://www.xkcd.com/327/
; DROP TABLE "COMPANIES";-- LTD
https://beta.companieshouse.gov.uk/company/10542519
With how these systems seem to be written, absolutely.
https://hackaday.com/2014/04/04/sql-injection-fools-speed-tr...
Another picture (which I can't seem to find now) purportedly showed how one of the screens over the highway was displaying just an error message after triggering this exploit.
Automated its unlikely. I would guess they have a list of allowed characters to OCR to (right? Please!?)
But if entered manually by someone?
OMG!