Penetration Testing mailing list archives
Sql injection/admin privileges
From: "NETTLES, RICHARD R." <rn0308982 () otc edu>
Date: Sun, 29 Mar 2009 14:50:55 -0500
I have been trying to learn more about website penetration. At the moment, a friend of mine runs a website and told me I could use it to help me out as long as I don't destroy anything and report to him everything I find. While I was doing manual input into the login, I found a hole that will give me access to a members account. Is it possible to access the admin account, or at least receive elevated privileges through that same hole? What reading material would you recommend to learn more about doing SQL injections, and what are some certifications that I should look into getting? Thank you, Richard ------------------------------------------------------------------------ This list is sponsored by: InfoSec Institute No time or budget for traveling to a training course in this fiscal year? Check out the online penetration testing courses available at InfoSec Institute. More than a boring "talking head", train in our virtual labs for a total hands-on training experience. Get the certs you need as well: CEH, CPT, CEPT, ECSA, LPT. http://www.infosecinstitute.com/request_online_training.html ------------------------------------------------------------------------
Current thread:
- Sql injection/admin privileges NETTLES, RICHARD R. (Mar 30)