WebApp Sec mailing list archives
answering my own question on DB2 sql injection
From: fr0stman <fr0stman () sun-tzu-security net>
Date: 25 Aug 2003 15:23:41 -0400
Ok I found out how the concat function is working and how to make it useful in mining data. I will put together a write up on how it worked in my test environment and post it to the list. Thanks to all who replied.BTW this works just fine in mining data from MSSQL databases where detailed error messages have been turned off as well. Just the concat statement is formatted a little differently. -- -- fr0stman -- Victorious warriors win first and then go to war, while defeated warriors go to war first and then seek to win. Sun-tzu, The Art of War. Strategic Assessments
Current thread:
- answering my own question on DB2 sql injection fr0stman (Aug 25)