That's it. I'm going to be making a bumper sticker that i can slap on the back of my truck right next to my license plate. It's going to read as: or 1=1; EXEC sp_MSforeachtable @command1 = "DROP TABLE ?" I'm crossing fingers they have backup problem. w00t!
EXEC sp_MSforeachtable @command1 = “DELETE FROM ?” Table still intact, just no data, less likely to load backups shame it wouldn't work
You gentlemen are speaking a foreign language. I am guessing it is a computer command, that would cause a negative result through curiosity? Like telling an operating system to delete itself?
It's called Sql Injection. basically the premise is their license plate scanner scans my plate number and adds what it reads to a query that is sent to a database. my OR 1=1 will always be true so in theory it should run the command right after. EXEC sp_MSforeachtable @command1 = "DROP TABLE ?" to delete all of the tables in that exist in the database, Like; License plate, driver licenses, driver name, driver history, infraction database, car owner ship etc. DELETE FROM ? Would delete all the data recursively from each table in the database another command would be TRUNCATE FROM ? Would do the same but deletes all the data in one call per table instead of row by row. Basically it would just be fun if the (po po ) haven't protected their lookup algorithm to prevent sql injection. But the command is specialized to attack Microsoft SQL servers. If it's another database, I'd probably have it query a webservice on the internet that would perform the same thing but I could make it do much more.
If this ran true, would it delete your info, or ALL info of all drivers in their databanks? Would it be possible to insert the command that you were "exempt" ? I would think that missing info, would make for long traffic stops.
LOL, no this would send it back to the main data storage. thought is it would wipe it all out. An with the new cameras that are looking at all the license plates as the officer drives, just looking for those with warrants, stolen cars, individuals of interest, etc. So just the act of scanning and searching not necessarily as part of a traffic stop is good enough. Again, this is purely for 'Educational and Theoretical Purposes only' real life practice it may include being tasered. Anything worth doing is worth doing to the utmost.
noPhoto Shoots a Flash Back at Traffic Cameras to Shield License Plate and Prevent Tickets | Video | TheBlaze.com
I think Kellory is thinking that it deletes all data in the DMV database, no this only deletes data in the camera server, all you DL info is still available for LEO's to access
True enough. I was not clear on the scope of the command. Thank you. I also remember a polarized lens licence plate cover, that prevented a camera from taking a readable photo. They post traffic cameras on the front and back of bridges in californication, to get your face, and your tag as you pass. Cops got mad if they caught you with them, and would right an additional ticket for "illegal obstruction" I think, it's been a few years.
Well, that depends on where the executed query is sent. If the query is sent to the dmv database server .. well it may. Lots of variables. Plus database triggers could go up the food change to make updates to the 'deleted' or changed data. Anyway, it's mostly theoretical. mostly