Allowing unsanitized inputs. Allowing code execution in the wrong places, not verifying content types. It’s not all inputs, though. Output can fuck you just as well. Systems can disclose juuuust enough to allow encryption key reversal, at which point you’re pretty fucked. Also, this is very. hard. to. detect. in some cases. It can be automated to look like legitimate queries, but it’s actually a probe trying to get your keys. It’s pretty interesting stuff, and once you know a fair bit about databases (I don’t, really) it’s rather trivial shit that even the most novice of programmers can create a tool for.
This talk “Cryptographic Oracles” is really awesome and explains how this works:
[media=youtube]f5mSizvoS4c[/media]
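Added example (my code, not the poster's and not from the linked talk): the best-known kind of cryptographic oracle, a CBC padding oracle. The "server" never returns plaintext; it only answers whether the padding on a decrypted message was valid. Each query looks like a normal, slightly malformed request, yet that one yes/no bit, asked a few thousand times, lets the attacker read the whole ciphertext without ever learning the key. Assumptions: the block cipher is a toy 4-round Feistel network built on HMAC-SHA256 so the file runs on the standard library alone (a stand-in for AES; the attack depends only on CBC mode and the padding check), and the `Server` class and the `session=...` secret are constructed for the demo.

```python
"""CBC padding-oracle attack, standard-library only (illustrative; toy cipher stands in for AES)."""
import hashlib
import hmac
import os

BLOCK = 16


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


# --- toy block cipher: 16-byte, 4-round Feistel network keyed with HMAC-SHA256 ---
def _round(key: bytes, i: int, half: bytes) -> bytes:
    return hmac.new(key, bytes([i]) + half, hashlib.sha256).digest()[: BLOCK // 2]


def block_encrypt(key: bytes, block: bytes) -> bytes:
    l, r = block[:8], block[8:]
    for i in range(4):
        l, r = r, xor(l, _round(key, i, r))
    return l + r


def block_decrypt(key: bytes, block: bytes) -> bytes:
    l, r = block[:8], block[8:]
    for i in reversed(range(4)):
        l, r = xor(r, _round(key, i, l)), l
    return l + r


# --- PKCS#7 padding and CBC mode ---
def pad(data: bytes) -> bytes:
    n = BLOCK - len(data) % BLOCK
    return data + bytes([n]) * n


def unpad(data: bytes) -> bytes:
    if not data or len(data) % BLOCK:
        raise ValueError("bad length")
    n = data[-1]
    if n < 1 or n > BLOCK or data[-n:] != bytes([n]) * n:
        raise ValueError("bad padding")
    return data[:-n]


def cbc_encrypt(key: bytes, iv: bytes, pt: bytes) -> bytes:
    out, prev = b"", iv
    for i in range(0, len(pt), BLOCK):
        prev = block_encrypt(key, xor(prev, pt[i:i + BLOCK]))
        out += prev
    return out


def cbc_decrypt(key: bytes, iv: bytes, ct: bytes) -> bytes:
    out, prev = b"", iv
    for i in range(0, len(ct), BLOCK):
        c = ct[i:i + BLOCK]
        out += xor(prev, block_decrypt(key, c))
        prev = c
    return out


class Server:
    """Holds the key. Its only public 'leak' is whether padding was valid (constructed for the demo)."""

    def __init__(self) -> None:
        self.key = os.urandom(32)
        self.queries = 0  # how many probe requests the attacker needed

    def encrypt(self, pt: bytes) -> bytes:
        iv = os.urandom(BLOCK)
        return iv + cbc_encrypt(self.key, iv, pad(pt))

    def padding_ok(self, blob: bytes) -> bool:
        self.queries += 1
        try:
            unpad(cbc_decrypt(self.key, blob[:BLOCK], blob[BLOCK:]))
            return True
        except ValueError:
            return False


# --- the attack: recover one block by forging the block that precedes it ---
def attack_block(oracle, prev: bytes, target: bytes) -> bytes:
    inter = bytearray(BLOCK)  # D_k(target), learned byte by byte from the right
    for pos in range(BLOCK - 1, -1, -1):
        padval = BLOCK - pos
        forged = bytearray(BLOCK)
        for j in range(pos + 1, BLOCK):  # already-known bytes forced to the padding value
            forged[j] = inter[j] ^ padval
        for guess in range(256):
            forged[pos] = guess
            if not oracle(bytes(forged) + target):
                continue
            if pos == BLOCK - 1:
                # Rule out an accidental 0x02 0x02 (or longer) padding: flip the byte to the
                # left and confirm the padding still validates, which only \x01 survives.
                forged[pos - 1] ^= 1
                still_ok = oracle(bytes(forged) + target)
                forged[pos - 1] ^= 1
                if not still_ok:
                    continue
            inter[pos] = guess ^ padval
            break
        else:
            raise RuntimeError("oracle never accepted a byte; not a padding oracle?")
    return xor(bytes(inter), prev)


def padding_oracle_decrypt(oracle, blob: bytes) -> bytes:
    blocks = [blob[i:i + BLOCK] for i in range(0, len(blob), BLOCK)]  # IV first
    pt = b"".join(attack_block(oracle, blocks[i - 1], blocks[i]) for i in range(1, len(blocks)))
    return unpad(pt)


def demo():
    server = Server()
    secret = b"session=1234; role=admin"  # constructed sample plaintext
    recovered = padding_oracle_decrypt(server.padding_ok, server.encrypt(secret))
    return recovered, server.queries


if __name__ == "__main__":
    plaintext, n = demo()
    print(f"recovered {plaintext!r} after {n} padding-only queries, key never seen")
```

The fix on the server side is not a better padding check but removing the oracle: authenticate the ciphertext (an AEAD mode, or encrypt-then-MAC) and reject anything that fails the tag before decrypting, so every malformed message produces the same response and timing. Note also how the probes look from the server's logs: a burst of near-identical requests that differ in one byte, which is the traffic pattern to alert on.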