SQL Injection Fools Speed Traps And Clears Your Record

Typical speed camera traps have built-in OCR software that is used to recognize license plates. A clever hacker decided to see if he could defeat the system by using SQL Injection…

The basic premise of this hack is that the hacker has created a simple SQL statement which will hopefully cause the database to delete any record of his license plate. Or so he (she?) hopes. Talk about getting off scot-free!

The reason this works (or could work?) is because while you would think a traffic camera is only taught to recognize the license plate characters, the developers of the third-party image recognition software simply digitize the entire thing — recognizing any and all of the characters present. While it’s certainly clever, we’re pretty sure you’ll still get pulled over and questioned — but at least it’s not as extreme as building a flashbulb array to blind traffic cameras…

What do you guys think? Did it work? This image has been floating around the net for a few years now — if anyone knows the original story let us know!

110 thoughts on “SQL Injection Fools Speed Traps And Clears Your Record

  1. Hi!

    for those wondering, this is indeed from Poland, and that image is indeed a few years old…

    But the article shows only a part of the original image:

    http://static.crazyws.fr/resources/blog/2011/12/sql-injection-plaque-immatriculation.jpg

    the guy who did that hack was actually trying to hack a camera that was giving feedback immediately after. Because of the many reposts, it’s hard to find the original one to know how well did he manage to get it working.

    HTH

Leave a Reply

Please be kind and respectful to help make the comments section excellent. (Comment Policy)

This site uses Akismet to reduce spam. Learn how your comment data is processed.