Penetration Testing mailing list archives
Re: SQL Injection - data ntext,image cannot group by....
From: "Kevin Spett" <kspett () spidynamics com>
Date: Wed, 20 Mar 2002 18:58:28 -0800
Try the convert hack if it's SQL Server. Make your injection string something like this:

convert(int, (convert(varchar, (SELECT TOP 1 name FROM sysobjects WHERE xtype='U'))))

You should get back an error message that contains the first name in sysobjects. Again, if it's SQL Server, you can inject procedures. Try injecting sp_makewebtask, which has been discussed on this list twice in the last week I think.

You also might want to include in your report that (in theory) they may get a slight performance increase by using type ntext instead of text. The text data type is really there to just include extra information that isn't supposed to be used in applications often (or at least that's my understanding of it.)

Kevin Spett
SPI Dynamics, Inc.

----- Original Message -----
From: "Sony Arianto Kurniawan" <sony-ak () aritechdev com>
To: <pen-test () securityfocus com>
Sent: Tuesday, March 19, 2002 8:39 AM
Subject: SQL Injection - data ntext,image cannot group by....
Dear pen tester,

I'm interested in SQL injection. I try to know the table structure using ' having 1=1 -- and ' group by [table_name].[field_name] to enumerate the fields. But the table contains field with text or image type. I can't use group by and I can't continue the injection :( Is there any method to address this problem?

Thanks.

Sony AK
http://www.aritechdev.com/

--------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
Current thread:
- SQL Injection - data ntext,image cannot group by.... Sony Arianto Kurniawan (Mar 18)
- Re: SQL Injection - data ntext,image cannot group by.... Kevin Spett (Mar 21)
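
A defender's view of the probes named in this thread, as an added example that is not part of the original posts: a small log classifier that flags the ' having 1=1, ' group by, convert(int, ...) and sp_makewebtask patterns in web request lines after undoing URL encoding. The signature names, the /item.asp and /search.asp paths and all sample request lines are constructed for illustration.

```python
import re
from urllib.parse import unquote_plus

# Signatures limited to the probes named in this thread (names are hypothetical).
SIGNATURES = {
    "having-probe": re.compile(r"'\s*having\s+1\s*=\s*1"),
    "group-by-probe": re.compile(r"'\s*group\s+by\s+[\[\]\w.]+"),
    "convert-error": re.compile(r"convert\s*\(\s*int\s*,.*\bselect\b"),
    "catalog-read": re.compile(r"\bsysobjects\b"),
    "sp_makewebtask": re.compile(r"\bsp_makewebtask\b"),
}

def normalize(raw: str) -> str:
    """Undo up to two layers of URL encoding, drop /**/ comments, fold case and whitespace."""
    text = raw
    for _ in range(2):
        decoded = unquote_plus(text)
        if decoded == text:
            break
        text = decoded
    text = re.sub(r"/\*.*?\*/", " ", text, flags=re.S)
    return re.sub(r"\s+", " ", text).lower()

def classify(request_line: str) -> list[str]:
    """Return the sorted names of signatures matching the request's query string."""
    _, _, query = request_line.partition("?")
    query = query.split(" HTTP/")[0]  # strip the protocol suffix of the request line
    norm = normalize(query)
    return sorted(name for name, rx in SIGNATURES.items() if rx.search(norm))

# Constructed sample request lines (not taken from any real log).
SAMPLE = [
    "GET /item.asp?id=42 HTTP/1.0",
    "GET /item.asp?id=1'+having+1=1+-- HTTP/1.0",
    "GET /item.asp?id=1'%20GROUP%20BY%20items.id%20-- HTTP/1.0",
    "GET /item.asp?id=convert(int,(convert(varchar,(SELECT+TOP+1+name"
    "+FROM+sysobjects+WHERE+xtype='U')))) HTTP/1.0",
    "GET /item.asp?id=1;%2520sp_makewebtask HTTP/1.0",  # double-encoded space
    "GET /search.asp?q=group+by+region HTTP/1.0",       # benign: no quote breakout
]

if __name__ == "__main__":
    for line in SAMPLE:
        print(classify(line) or ["clean"], line)
```

A hit on these signatures is a triage signal, not a fix: the thread's techniques depend on string-built queries and on database error text reaching the client, so parameterized queries and generic error pages are the corresponding mitigations.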