WebApp Sec mailing list archives
Re: SQL Injection question
From: "Konstantin V. Sahin" <kotc-subscriber () yandex ru>
Date: Fri, 28 May 2004 01:04:34 +0400
Hello, Serg.

SB> Hi All,

SB> I am interested to know (if possible) how to extend an SQL injection attack to
SB> display requested information from the injected query rather than the one coded into the software.

SB> For example performing a successful injection in the following manner:

SB> Normal:
SB> http://domain.com/script.php?showdata.php=3

SB> Attack:
SB> http://domain.com/script.php?showdata.php=3;select * from table where id=1

SB> would successfully execute injected SQL on the database server and return an error to the caller since the software was made to process a particular query... not injected one.

SB> How and is it at all possible to actually view the data corresponding to injected SQL query, being:
SB> select * from table where id=1?

SB> Best Regards,
SB> Serg

Read this
http://www.imperva.com/application_defense_center/white_papers/blind_sql_server_injection.html

--
Best regards,
Konstantin mailto:kotc-subscriber () yandex ru