WebApp Sec mailing list archives
Re: yet another injection question
From: "Kevin Spett" <kspett () spidynamics com>
Date: Tue, 15 Apr 2003 11:40:49 -0400
Can you post the SQL statement you're using, including whatever you need to break out of the application's original SQL statement?

Kevin Spett
SPI Labs
http://www.spidynamics.com/

----- Original Message -----
From: "ronen" <ronen () avnet co il>
To: "web-app-sec list" <webappsec () securityfocus com>
Sent: Tuesday, April 15, 2003 3:48 AM
Subject: yet another injection question

Hello all,

While pen testing a web application, and bypassing the authentication using a basic injection, I've tried to add a user to the database through a built-in form. However, when sending the URL, I received the following:

[Microsoft][ODBC SQL Server Driver][SQL Server]Cannot insert the value NULL into column 'FOO', table 'BAR'; column does not allow nulls. INSERT fails.

The request URL has a field named 'FOO', and I explicitly inserted a value to that field. I was logged in with a privileged user (seems to have the highest privileges available). Any idea what's the reason for the mentioned ODBC error?

BTW, the system is a 'Microsoft SQL Server 7.00 - 7.00.1063' running on Windows NT 5.0 (Build 2195: Service Pack 3).

Thanking you all in advance.

Ronen